horok/firefox
1
0
Fork 0
Code Activity
firefox/dom/security/metrics.yaml
Daniel Baumann 5e9a113729
Adding upstream version 140.0. 
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
2025-06-25 09:37:52 +02:00

616 lines
22 KiB
YAML
Raw Permalink Blame History

# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
# Adding a new metric? We have docs for that!
# https://firefox-source-docs.mozilla.org/toolkit/components/glean/user/new_definitions_file.html
---
$schema: moz://mozilla.org/schemas/glean/metrics/2-0-0
$tags:
- 'Core :: DOM: Security'
httpsfirst:
upgraded:
type: counter
description: >
Counts how often a load is successfully upgraded to HTTPS because of
HTTPS-First (`dom.security.https_first` enabled). This does not include
loads that get downgraded again.
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
data_sensitivity:
- technical
notification_emails:
- mjurgens@mozilla.com
- seceng-telemetry@mozilla.com
expires: never
upgraded_schemeless:
type: counter
description: >
Counts how often a load is successfully upgraded to HTTPS because of
schemeless HTTPS-First (`dom.security.https_first` disabled, but load
marked as schemeless). This does not include loads that get downgraded
again.
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
data_sensitivity:
- technical
notification_emails:
- mjurgens@mozilla.com
- seceng-telemetry@mozilla.com
expires: never
downgraded:
type: counter
description: >
How many regular HTTPS-First (`dom.security.https_first` enabled)
upgrades fail and get downgraded again.
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
data_sensitivity:
- technical
notification_emails:
- mjurgens@mozilla.com
- seceng-telemetry@mozilla.com
expires: never
downgraded_schemeless:
type: counter
description: >
How many schemeless HTTPS-First (`dom.security.https_first` disabled, but
load marked as schemeless) upgrades fail and get downgraded again.
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
data_sensitivity:
- technical
notification_emails:
- mjurgens@mozilla.com
- seceng-telemetry@mozilla.com
expires: never
downgraded_on_timer:
type: rate
description: >
How many HTTPS-First (`dom.security.https_first` enabled) upgrades get
downgraded again because the HTTP request fired after 3s received a answer
faster than the HTTPS request.
denominator_metric: httpsfirst.downgraded
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
data_sensitivity:
- technical
notification_emails:
- mjurgens@mozilla.com
- seceng-telemetry@mozilla.com
expires: never
downgraded_on_timer_schemeless:
type: rate
description: >
How many of schemeless HTTPS-First (`dom.security.https_first` disabled,
but load marked as schemeless) upgrades get downgraded again because the
HTTP request fired after 3s received a answer faster than the HTTPS
request
denominator_metric: httpsfirst.downgraded_schemeless
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
data_sensitivity:
- technical
notification_emails:
- mjurgens@mozilla.com
- seceng-telemetry@mozilla.com
expires: never
downgrade_time:
type: timing_distribution
description: >
If a HTTPS-First (`dom.security.https_first` enabled) upgrade isn't
successful, measures the timespan between the navigation start and the
downgrade.
time_unit: millisecond
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
data_sensitivity:
- technical
notification_emails:
- mjurgens@mozilla.com
- seceng-telemetry@mozilla.com
expires: never
downgrade_time_schemeless:
type: timing_distribution
description: >
If a schemeless HTTPS-First (`dom.security.https_first` disabled, but load
marked as schemeless) upgrade isn't successful, measures the timespan
between the navigation start and the downgrade.
time_unit: millisecond
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
data_sensitivity:
- technical
notification_emails:
- mjurgens@mozilla.com
- seceng-telemetry@mozilla.com
expires: never
security:
unexpected_load:
type: event
description: >
Long term want to block all loads from the system principal that
cause us to parse non-trivial data. We don't look to break existing
functionality and will allow exceptions, for this we are collecting
information about unexpected requests triggered by the system
principal Our measurement *excludes* acceptable requests. Those are:
- annotated using the 'AllowedDeprecatedSystemRequests' loadinfo
flag - using a nsContentPolicyType of FETCH, XMLHTTPREQUEST,
WEBSOCKET, SAVEAS_DOWNLOAD or IMAGE - with a requested URI object
has the flag URI_IS_UI_RESOURCE - if the URL scheme is 'view-source'
- if the URL scheme is 'file' and the Content-Type is STYLESHEET or
OTHER - if the scheme is 'jar', 'about' or 'moz-extension'
This event was generated to correspond to the Legacy Telemetry event
security.unexpectedload#systemprincipal.
bugs:
- https://bugzil.la/1644671
data_reviews:
- https://bugzil.la/1644671
notification_emails:
- fbraun@mozilla.com
- ckerschb@mozilla.com
expires: never
extra_keys:
value:
description: >
The `value` of the event. Mirrors to the Legacy Telemetry
event's `value` parameter.
The filename's type, see
`nsContentSecurityUtils::FilenameToFilenameType(...)`.
type: string
contenttype:
description: >
Information about the content-type we expect to receive
type: string
remotetype:
description: >
Information about the remoteType in which we triggered the load
type: string
filedetails:
description: >
Information about the file that triggered the load
type: string
redirects:
description: >
Comma-separated string listing schemes for URLs that we redirected from
type: string
telemetry_mirror: Security_Unexpectedload_Systemprincipal
eval_usage_system_context:
type: event
# Disable yamllint for long lines
# yamllint disable
description: >
eval() (or an eval()-like method) was called while running in the
System Principal context or the Parent Process.
Expected values are:
- chromeuri - chrome:// file
- resourceuri - resource:// file
- datauri - a data URI
- bloburi - a blob URI
- abouturi - an about URI
- singlestring - A single file or string with no slashes
- mozillaextension - An extension claiming to be from *mozilla.org (Deprecated)
- otherextension - Another extension not from Mozilla (Deprecated)
- mozillaextension_file - An extension claiming to be from *mozilla.org, loaded from a file://
- otherextension_file - Another extension not from Mozilla, loaded from a file://
- extension_uri - A URI with the moz-extension:// scheme
- suspectedUserChromeJS - A filepath ending in .uc.js
- sanitizedWindowsPath - A filepath, on Windows, sanitized by WinUtils::PreparePathForTelemetry which is a bare filename or a subpath of %ProgramFiles%, %SystemRoot%, or %TEMP%
- sanitizedWindowsURL - A partial URL, on Windows, consisting of either file://../ followed by the value prepared as for sanitizedWindowsPath, or the bare scheme of the original url
- other - Unknown
- other-on-worker - We cannot do a regex; it is not a chrome, resource, data, or blob uri, but could be any other.
- regexfailure - Our Regex Matching code threw an error
The fileinfo key may contain additional information about the file that
caused the eval() depending on the above value. Resource, Chrome,
About, and SingleString will contain the full value. (About URIs
will remove any querystring values.)
Extensions-from-file will contain the full value; however .xpi! will be shortened to !,
shield.mozilla.org! to s! and mozilla.org! to m!. Data, Blob,
UserChromeJS, Other, and Regexfailure should have no value.
This event was generated to correspond to the Legacy Telemetry event
security.evalUsage#systemContext.
# yamllint enable
bugs: &security_evalUsage_bugs
- https://bugzil.la/1567623
data_reviews: &security_evalUsage_data_reviews
- https://bugzil.la/1567623
notification_emails:
- tom@mozilla.com
- ckerschb@mozilla.com
expires: never
extra_keys: &security_evalUsage_extra
value:
description: >
The `value` of the event. Mirrors to the Legacy Telemetry
event's `value` parameter.
The filename's type, see
`nsContentSecurityUtils::FilenameToFilenameType(...)`.
type: string
fileinfo:
description: >
Information about the file that triggered eval
type: string
telemetry_mirror: Security_Evalusage_Systemcontext
csp_violation_internal_page:
type: event
description: >
Information about Content-Security-Policy violations that happen in internal pages like chrome://
bugs:
- https://bugzil.la/1942622
data_reviews:
- https://bugzil.la/1942622
notification_emails:
- tschuster@mozilla.com
- freddy@mozilla.com
expires: never
extra_keys:
directive:
description: >
The same as SecurityPolicyViolationEvent's effectiveDirective.
type: string
selftype:
description: >
The sanitized type of the "self uri", which is roughly similar to the documentURI.
This follows eval_usage_system_context sanitization procedure.
type: string
selfdetails:
description: >
A sanitized version of the "self uri", which is roughly similar to the documentURI,
e.g. the whole chrome:// URL in some cases.
This follows eval_usage_system_context sanitization procedure.
type: string
sourcetype:
description: >
The sanitized type of SecurityPolicyViolationEvent's sourceFile,
e.g. "chromeuri".
This follows eval_usage_system_context sanitization procedure.
type: string
sourcedetails:
description: >
A sanitized version of SecurityPolicyViolationEvent's sourceFile,
e.g. the whole chrome:// URL in some cases.
This follows eval_usage_system_context sanitization procedure.
type: string
blockeduritype:
description: >
The sanitized type of SecurityPolicyViolationEvent's blockedURI.
type: string
blockeduridetails:
description: >
A sanitized version of SecurityPolicyViolationEvent's blockedURI.
type: string
linenumber:
description: >
The same as SecurityPolicyViolationEvent's lineNumber.
type: quantity
columnnumber:
description: >
The same as SecurityPolicyViolationEvent's columnNumber.
type: quantity
sample:
description: >
The same as SecurityPolicyViolationEvent's sample.
(Only for violations from chrome:)
type: string
eval_usage_parent_process:
type: event
description: >
eval() (or an eval()-like method) was called while running in the
System Principal context or the Parent Process. Expected values are:
chromeuri - chrome:// file resourceuri - resource:// file
datauri - a data URI bloburi - a blob URI abouturi - an about
URI singlestring - A single file or string with no slashes
mozillaextension - An extension claiming to be from *mozilla.org
(Deprecated) otherextension - Another extension not from Mozilla
(Deprecated) mozillaextension_file - An extension claiming to be
from *mozilla.org, loaded from a file:// otherextension_file -
Another extension not from Mozilla, loaded from a file://
extension_uri - A URI with the moz-extension:// scheme
suspectedUserChromeJS - A filepath ending in .uc.js
sanitizedWindowsPath - A filepath, on Windows, sanitized by
WinUtils::PreparePathForTelemetry which is
a bare filename or a subpath of %ProgramFiles%, %SystemRoot%,
or %TEMP% sanitizedWindowsURL - A partial URL, on Windows,
consisting of either file://../ followed by
the value prepared as for sanitizedWindowsPath, or the bare scheme
of the original url other - Unknown
other-on-worker - We cannot do a regex; it is not a chrome,
resource, data, or blob uri, but could be any
other. regexfailure - Our Regex Matching code threw an error The
fileinfo key may contain additional information about the file that
caused the eval() depending on the above value. Resource, Chrome,
About, and SingleString will contain the full value. (About URIs
will remove any querystring values.) Extensions-from-file will
contain the full value; however .xpi! will be shortened to !,
shield.mozilla.org! to s! and mozilla.org! to m!. Data, Blob,
UserChromeJS, Other, and Regexfailure should have no value.
This event was generated to correspond to the Legacy Telemetry event
security.evalUsage#parentProcess.
bugs: *security_evalUsage_bugs
data_reviews: *security_evalUsage_data_reviews
notification_emails:
- tom@mozilla.com
- ckerschb@mozilla.com
expires: never
extra_keys: *security_evalUsage_extra
telemetry_mirror: Security_Evalusage_Parentprocess
javascript_load_parent_process:
type: event
description: >
The javascript engine requested to load a filename that was not
allowed. Expected values, and fileinfo key, are the same possible
values as above in 'evalUsage'
This event was generated to correspond to the Legacy Telemetry event
security.javascriptLoad#parentProcess.
bugs:
- https://bugzil.la/1582512
data_reviews:
- https://bugzil.la/1582512
notification_emails:
- tom@mozilla.com
- gijs@mozilla.com
expires: never
extra_keys:
value:
description: >
The `value` of the event. Mirrors to the Legacy Telemetry
event's `value` parameter.
The filename's type, see
`nsContentSecurityUtils::FilenameToFilenameType(...)`.
type: string
fileinfo:
description: >
Information about the filename that was requested to be loaded
type: string
telemetry_mirror: Security_Javascriptload_Parentprocess
https_only_mode_upgrade_time:
type: labeled_timing_distribution
description: >
Time it takes for a request that has been upgraded with HTTPS-Only Mode to
complete, broken down by top-level (top) / sub-resource (sub) and status
This metric was generated to correspond to the Legacy Telemetry
exponential histogram HTTPS_ONLY_MODE_UPGRADE_TIME_MS.
time_unit: millisecond
labels:
- top_successful
- sub_successful
- top_f_redirectloop
- sub_f_redirectloop
- top_f_timeout
- sub_f_timeout
- top_f_aborted
- sub_f_aborted
- top_f_cxnrefused
- sub_f_cxnrefused
- top_f_ssl_selfsignd
- sub_f_ssl_selfsignd
- top_f_ssl_badcertdm
- sub_f_ssl_badcertdm
- top_f_ssl_unkwnissr
- sub_f_ssl_unkwnissr
- top_f_ssl_other
- sub_f_ssl_other
- top_f_other
- sub_f_other
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1627206
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1627206
notification_emails:
- julianwels@mozilla.com
- seceng-telemetry@mozilla.com
expires: never
telemetry_mirror: HTTPS_ONLY_MODE_UPGRADE_TIME_MS
referrer_policy_count:
type: custom_distribution
description: >
The counter of each referrer policy which has been computed for a
referrer. The buckets (0-8) are for same-site requests and buckets (9-17)
are for cross-site requests. Note that the index matches to the order in
ReferrerPolicy.webidl
This metric was generated to correspond to the Legacy Telemetry enumerated
histogram REFERRER_POLICY_COUNT.
range_min: 0
range_max: 18
bucket_count: 19
histogram_type: linear
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1720869
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1720869
notification_emails:
- tihuang@mozilla.com
- ckerschbaumer@mozilla.com
- seceng-telemetry@mozilla.com
expires: never
telemetry_mirror: REFERRER_POLICY_COUNT
mixed_content:
page_load:
type: custom_distribution
description: >
Accumulates type of content per page load (0=no mixed or non-secure page,
1=mixed passive, 2=mixed active, 3=mixed passive and mixed active)
This metric was generated to correspond to the Legacy Telemetry enumerated
histogram MIXED_CONTENT_PAGE_LOAD.
range_min: 0
range_max: 4
bucket_count: 5
histogram_type: linear
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1935420
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1935420
notification_emails:
- seceng-telemetry@mozilla.com
expires: never
telemetry_mirror: MIXED_CONTENT_PAGE_LOAD
unblock_counter:
type: custom_distribution
description: >
A simple counter of daily mixed-content unblock operations and top
documents loaded
This metric was generated to correspond to the Legacy Telemetry enumerated
histogram MIXED_CONTENT_UNBLOCK_COUNTER.
range_min: 0
range_max: 3
bucket_count: 4
histogram_type: linear
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1935420
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1935420
notification_emails:
- seceng-telemetry@mozilla.com
expires: never
telemetry_mirror: MIXED_CONTENT_UNBLOCK_COUNTER
hsts:
type: custom_distribution
description: >
How often would blocked mixed content be allowed if HSTS upgrades were
allowed? 0=display/no-HSTS, 1=display/HSTS, 2=active/no-HSTS,
3=active/HSTS
This metric was generated to correspond to the Legacy Telemetry enumerated
histogram MIXED_CONTENT_HSTS.
range_min: 0
range_max: 10
bucket_count: 11
histogram_type: linear
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1935420
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1935420
notification_emails:
- seceng-telemetry@mozilla.com
expires: never
telemetry_mirror: MIXED_CONTENT_HSTS
images:
type: labeled_counter
description: >
How often image loads fail in regular mode and in upgrading mode?
This metric was generated to correspond to the Legacy Telemetry
categorical histogram MIXED_CONTENT_IMAGES.
labels:
- ImgUpSuccess
- ImgUpFailure
- ImgNoUpSuccess
- ImgNoUpFailure
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1819336
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1819336
notification_emails:
- seceng-telemetry@mozilla.com
expires: never
telemetry_mirror: h#MIXED_CONTENT_IMAGES
video:
type: labeled_counter
description: >
How often video loads fail in regular mode and in upgrading mode?
This metric was generated to correspond to the Legacy Telemetry
categorical histogram MIXED_CONTENT_VIDEO.
labels:
- VideoUpSuccess
- VideoUpFailure
- VideoNoUpSuccess
- VideoNoUpFailure
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1819336
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1819336
notification_emails:
- seceng-telemetry@mozilla.com
expires: never
telemetry_mirror: h#MIXED_CONTENT_VIDEO
audio:
type: labeled_counter
description: >
How often audio loads fail in regular mode and in upgrading mode?
This metric was generated to correspond to the Legacy Telemetry
categorical histogram MIXED_CONTENT_AUDIO.
labels:
- AudioUpSuccess
- AudioUpFailure
- AudioNoUpSuccess
- AudioNoUpFailure
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1819336
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=1819336
notification_emails:
- seceng-telemetry@mozilla.com
expires: never
telemetry_mirror: h#MIXED_CONTENT_AUDIO
security.ui:
events:
type: custom_distribution
description: >
Security-related UI events (addons, form submission, TLS certs, Safe
Browsing, updates and geolocation). See
/security/manager/ssl/nsISecurityUITelemetry.idl for the specific values.
This metric was generated to correspond to the Legacy Telemetry enumerated
histogram SECURITY_UI.
range_min: 0
range_max: 100
bucket_count: 101
histogram_type: linear
bugs:
- https://bugzilla.mozilla.org/show_bug.cgi?id=767676
data_reviews:
- https://bugzilla.mozilla.org/show_bug.cgi?id=767676
notification_emails:
- seceng-telemetry@mozilla.com
- fxprivacyandsecurity@mozilla.com
expires: never
telemetry_mirror: SECURITY_UI
View git blame Copy permalink