A Work Item of the Privacy Community Group.
- GitHub privacycg/storage-partitioning (new issue, open issues)
- GitHub privacycg/storage-partitioning/commits
User agent state that is keyed by a single origin or site is an acknowledged privacy and security bug. Through side-channels or more directly, this allows:
- A top-level site
https://site-a.exampleA to infer that a user is also visiting top-level sitehttps://site-b.exampleB, by embedding resources or documents from B in A. Beyond visiting, it can also allow A to infer specific state from B that depends on the user, thereby revealing many aspects of the user. Timing Attacks on Web Privacy, XS-Leaks, and COSI discuss this in more detail. - Conversely, it allows a site
https://tracker.examplewhose resources might be embedded on many different sites, to track the end user across these sites.
To solve a key aspect of this, any such user agent state needs to be keyed by more than a single origin or site.
There are many standards that together make up a user agent and many of these standards define “problematic” state. This repository’s issue tracker is where we're coordinating the effort to address these issues in an ideally holistic manner. The actual changes will happen in each impacted standard and are collated here for visibility.
whatwg/html #4966 defined the top-level origin concept for an environment and HTML also defines site and obtain a site. Together these allow for a definition of top-level site, which most user agents are targeting as additional key.
For some user agent state it might be beneficial to add even more keys, e.g., to prevent attacks between framed documents. shivanigithub/http-cache-partitioning #2 has some relevant discussion.
For some user agent state (Cookies and Storage below in particular are under discussion) the additional keying might be relaxable. This is tracked by The Storage Access API though also necessarily has to inform the work noted below as it might impact architecture decisions.
Aside from using additional keying, outright blocking of the user agent state is also considered at times, e.g., for Cookies or as happens today for Storage in opaque origins. This is not likely to be web compatible nor even desirable for all user agent state, but could well be a valid solution for some.
A likely inexhaustive enumeration of user agent state and ongoing standards activity:
- Cookies
- Network state:
- HTTP cache (whatwg/fetch #904, whatwg/fetch #943)
- Connections (whatwg/fetch #917)
- Also consider speculative connections
- DNS
- HTTP authentication
- Alt-Svc
- Fonts
- HSTS
- TLS client certificates
- TLS session identifiers
- HPKP
- OCSP
- Intermediate CA cache
- Prefetch
- Preconnect
- Storage (whatwg/storage #18):
- Indexed DB
- Cache API
localStoragesessionStoragehistory.pushState()new Notification()- AppCache (actively being removed, probably not relevant)
- Storage (communication channels):
BroadcastChannel- Shared workers
- Service workers
- Web Locks
- Web Authentication
- WebRTC’s
deviceId(w3c/mediacapture-main #675) - Blob URL store (w3c/FileAPI #153)
- HTML Standard’s list of available images
window.name- Browsing context group's agent cluster map (only observable with popups)
- Permissions (Feature Policy allows these to be disabled by default when the top-level site is not equal to the current site and require explicit delegation in such cases)
- Persistent storage (whatwg/storage #87)
- Non-standardized features:
- Credentials (username and password storage)
- Form autofill data storage
- Per-site user preferences
- Favicon cache
- Page info media previews
- Save Page As
If there is state or standards activity missing please file an issue or provide a pull request.
The author of this document was inspired by Chromium’s Network Isolation Key, Firefox’s (dynamic) First-Party Isolation, Safari’s Intelligent Tracking Prevention, XS-Leaks, and the many people wanting to improve these aspects of the web.