Firefox adds protections against redirect tracking

New protection already active in Firefox 79; will roll out to all Firefox users in the next few weeks.
Written by Catalin Cimpanu, Contributor
Image: Mozilla

With the release of Firefox 79 last week, Mozilla silently added a new feature to Enhanced Tracking Protection (ETP) -- Firefox's internal component that blocks invasive user-tracking techniques.

According to Mozilla, Firefox 79 can now block a new technique called "redirect tracking."

Online advertisers and web analytics companies have recently begun adopting this new technique after Firefox, Chrome, Brave, and other browsers have recently included privacy protections inside their code to block user tracking and user fingerprinting scripts.

More specifically, this technique was developed to circumvent browsers that prevent advertisers from using third-party cookies to track users.

Third-party cookies allowed an advertiser to drop a cookie file inside the user's browser from its allocated ad slot. As the user navigated across the web, the advertiser would read the user's local cookie from within ad slots on different sites -- allowing the advertiser to track the user's movements across the web.

As browsers now prevent advertisers from dropping this cookie, some ad tech companies came up with the bright idea of redirecting users (who interact with their ads) to one of their domains, read the cookie file, and then redirect the user to their destination effectively creating their own first-party (tracking) cookies instead of relying on third-party cookies created on other sites.

Firefox to clear cookies for ad tech companies each day

Mozilla says that going forward, it plans to clear first-party cookies every 24 hours for all known advertisers as a way to prevent redirect tracking. This way, even if advertisers employ redirect tracking, users will have a brand new identity each day, preventing companies from linking previous activity to a unique user profile.

The browser maker said this new protection is included in Enhanced Tracking Protection 2.0, the next iteration of its ETP feature. While currently only active for Firefox 79 users, Mozilla said ETP 2.0 would eventually roll out to all users within the next few weeks.

However, Mozilla says that blocking redirect tracking won't be active for all known ad tech companies.

"Sometimes trackers do more than just track; trackers may also offer services you engage with, such as a search engine or social network," Mozilla said, hinting at companies like Google, Microsoft, Facebook, or Twitter.

"If Firefox cleared cookies for these services we'd end up logging you out of your email or social network every day," it said.

For these sites, Mozilla said it would clear cookies every 45 days.

Additional details about redirect tracking are available on the MDN developer network.

All the Chromium-based browsers

Editorial standards