Skip to content

Blocked domain telemetry: Add referrer and original URL for redirects #307

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
jonathanmendez wants to merge 16 commits into
base: enterprise-main
Choose a base branch
from
Open

Blocked domain telemetry: Add referrer and original URL for redirects #307

jonathanmendez wants to merge 16 commits into from
+300 −10

Conversation

@jonathanmendez
Copy link
Contributor

@jonathanmendez jonathanmendez commented Dec 22, 2025

  1. Add referrer to telemetry.
  • Move telemetry from WebsiteFilter's shouldLoad to the caller in C++ that has access to the IHttpChannel with referrer information
  • Add code to obtain computed referrer (after policies) to the telemetry
  • For redirect responses, add code to observer in WebsiteFilter to include computed referrer in telemetry
  1. Since URLs that are blocked after redirect responses (3xx) do not go through the same code path, send telemetry in WebsiteFilter's observe callback when it blocks a redirected URL.
  • Update the telemetry data to rename url to blocked_url and in the case of a redirect, include an original_url field.
  • This will require changes to the console ingestion (I will create a PR)
  1. Add a test for the telemetry

jonathanmendez and others added 14 commits December 17, 2025 09:57
@jonathanmendez
[WIP] Move telemetry to C++ code
d655bac
@jonathanmendez
[WIP] testing attempt
ab1acbf
@gcp
No bug - Add referrer to enterprise blocked navigation telemetry
51ba54a 
Record referrer (when available) in the enterprise blocklist_domain_browsed Glean event and update the WebsiteFilter mochitest to flush FOG and use a referrer-producing navigation.
@gcp
No bug - Add enterprise referrer fallback
6858855 
When referrerInfo is missing/empty for blocked navigations, fall back to the associated window document URI to populate the enterprise blocklist_domain_browsed referrer extra.
@jonathanmendez
Cleanup a little AI code to simplify things
a7de5e8
@jonathanmendez
Remove redundant promise
f6d0e3b
@jonathanmendez
[WIP] Get a test for blocked url telemetry started
08cbdcd
@jonathanmendez
Tests run correctly (but fail)
937c8f2
@jonathanmendez
Tests pass with original URIs
788d2a1
@jonathanmendez
Only include original url for redirects
0f234bf
@jonathanmendez
Clean up old test call
b1a4836
@jonathanmendez
Use computed referrer and not original referrer
447f2cb
@jonathanmendez
Make sure to send blocked url and referrer even if empty
2e89006
@jonathanmendez
Move test to separate file to condition on MOZ_ENTERPRISE
6c73829
@jonathanmendez jonathanmendez requested a review from a team December 22, 2025 20:26
gcp
gcp reviewed Dec 26, 2025
View reviewed changes
browser/components/enterprisepolicies/tests/browser/browser_policy_websitefilter_telemetry.js
if (!events?.length) {
return;
}
Assert.greaterOrEqual(events.length, 1, "Should record at least one event"); // TODO this should eventually be exactly 1
Copy link
Contributor

@gcp gcp Dec 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

TODO?

Copy link
Contributor

@gcp gcp Dec 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah this refers to the debouncing/deduplication which this is still missing.

Copy link
Contributor Author

@jonathanmendez jonathanmendez Dec 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I planned to implement the debouncing/deduplication in a separate PR. I don't know if we have a policy around landing TODOs into the code base and/or tagging them with links to bugs to track, etc.?

gcp
gcp requested changes Dec 26, 2025
View reviewed changes
browser/components/enterprisepolicies/metrics.yaml
type: string
original_url:
description: >
The original url, prior to redirects, that was requested resulting in a block,
Copy link
Contributor

@gcp gcp Dec 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FWIW, for myself I set a block on morbo.be, then navigate to https://sjeng.org/referrer-hop.html, which is:

  document.getElementById("go").addEventListener("click", () => {
    location.href = "http://morbo.org/";
  });

morbo.org has a redirect to www.morbo.be

This records

  "events": [                                                                                                
    {                                                                                                        
      "category": "content_policy",                                                                          
      "extra": {                                                                                             
        "glean_timestamp": "1766755855522",                                                                  
        "original_url": "http://morbo.org/",                                                                 
        "referrer": "",                                                                                      
        "url": "http://www.morbo.be/"                                                                        
      },                                                                                                     
      "name": "blocklist_domain_browsed",                                                                    
      "timestamp": 0                                                                                         
    }                                                                                                        
  ],

a previous version of this patch was still getting the original referrer right:

  "events": [
    {
      "category": "content_policy",
      "extra": {
        "glean_timestamp": "1766060860297",
        "referrer": "https://sjeng.org/referrer-hop.html",
        "url": "http://www.morbo.be/"
      },
      "name": "blocklist_domain_browsed",
      "timestamp": 0
    }
  ],

Copy link
Contributor

@gcp gcp Dec 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added https://sjeng.org/referrer-hop-direct.html, which is

  document.getElementById("go").addEventListener("click", () => {
    location.href = "http://www.morbo.be/";
  });

this records

  "events": [
    {
      "category": "content_policy",
      "extra": {
        "glean_timestamp": "1766756680769",
        "referrer": "",
        "url": "http://www.morbo.be/"
      },
      "name": "blocklist_domain_browsed",
      "timestamp": 0
    }
  ],

So the referrer isn't detected correctly (...any more).

Copy link
Contributor Author

@jonathanmendez jonathanmendez Dec 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In an offline discussion we clarified that the lack of referrer in this case is a result of the choice to use the "computed referrer", i.e. matching what is in the "Referer" header after applying the referrer-policy. In these scenarios, the block is happening while executing an http request from an https referrer, so the policy has stripped the referrer.

It is technically easy to instead use the original referrer (pre-policy), so we're left with a judgment call of which is the correct data to include. I'll pursue that question and update here accordingly.

browser/components/enterprisepolicies/tests/browser/browser_policy_websitefilter_telemetry.js
if (!events?.length) {
return;
}
Assert.greaterOrEqual(events.length, 1, "Should record at least one event"); // TODO this should eventually be exactly 1
Copy link
Contributor

@gcp gcp Dec 26, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah this refers to the debouncing/deduplication which this is still missing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gcp gcp gcp requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jonathanmendez @gcp