Page MenuHomePhabricator

Blocking all third-party storage access requests
Open, Needs TriagePublic

Description

In the Javascript console (at Firefox browsers) presents error messages like "Request to access cookie or storage on “<URL>” was blocked because we are blocking all third-party storage access requests and content blocking is enabled." For instance, it concerns "https://intake-analytics.wikimedia.org/" and "https://upload.wikimedia.org/wikipedia/commons/".

Browsers cannot know that the Wikimedia, Wikipedia and the sister domains are operated by the same foundation. Maybe the domain usage should be changed for instance to en.wikivoyage.org/intake-analytics/, en.wikivoyage.org/commons/, en.wikivoyage.org/wikidata/ and so on. I think it is not a problem to create domain aliases.

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptWed, Sep 16, 4:45 AM
mforns added a project: Analytics-Radar.
Krinkle added a subscriber: Krinkle.EditedThu, Sep 17, 10:59 PM

Those urls don't need to change. We just need to stop accidentally setting cookies on them. I'm 99% sure this is just coming from things like "Geo" and "LastVisit" being set on all traffic.

Several browsers already block these and that's working just fine. They are not intentionally set. At this point it's just noise seen by tech-savvy users looking at developer consoles, which would be good to fix to avoid confusion but otherwise is harmless.