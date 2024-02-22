State partitioning of cookies and HSTS state
Hello Vivaldi community,
not sure if this is the best forum, but as I wasn't able to find any other topic and it seems like this is not implemented in Vivaldi currently, this is maybe best sorted as a feature request.
I want to inquire about state partitioning between different websites (or more specifically, registrable domains / eTLD+1). All browsers implement this for certain things, for example cache is partitioned on all major desktop and mobile browsers. That means that if for websites from a different registrable domains (for example: "nytimes.com" and "youtube.com"), even if they contain the same image, the image cache is not re-used but instead there is a separate cache for each domain. Why do this? Well one major advantage is that the behavior of the browser on one website does not depend on what other websites it visited before, eliminating an avenue for tracking the user.
Similar state partitioning is also used for cookies and HSTS state in many browsers, for example Firefox, Brave, Safari or Ungoogled Chromium. However, currently Google Chrome, Edge and Vivaldi do not use state partitioning for these two. Some browser vendors give this functionality certain branding, like for example Firefox calls this Total Cookie Protection (calling it their "strongest privacy protection to date") while Brave does this and more with their Ephemeral site storage and for Safari it's part of what they call Tracking Prevention.
There are probably different views on this subject, but personally I see it similar to Mozilla, as a strong privacy protection. Also, as it is already the default in some major browsers, it seems like the downsides to implementing something similar at least in regards to web compatibility are almost non-existing. Thanks for considering, and hopefully this is not a duplicate
yngve Vivaldi Team
AFAIK, what Brave did was to implement a separate partitioning system, on top of the one in Chromium.
Also, third-party cookies may have at most 6-9 months left before they are disabled. I am not presently clear on whether the partitioning part of the Cookie specification (where sites activates partitioning) will work afterwards. Frankly, I am leaning towards defaulting to disabling third-party cookies soon (I have been running with third-party disabled for years, without major problems) as the Chrome deprecation gathers pace (of course, they have their own replacements, which we have disabled).
As far as non-pre-shipped HTTP Strict Transport Security policies are concerned, they are set by the sites as it is loaded the first time, and are applied globally on all future loads from the server/domain. It does not make sense security-wise to only apply a policy enabling HSTS for
example.netwhen visiting
example.com(since that originally loaded
example.netwhen the HSTS policy was set) but not when visiting
example.organd it loads content from
example.net(specifying HTTP, not HTTPS) until after it was loaded. Not applying it could allow a MITM to downgrade the connection when loaded from other sites than
example.com.