

 
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

# Adding a new metric? We have docs for that!
# https://firefox-source-docs.mozilla.org/toolkit/components/glean/user/new_definitions_file.html

---
# Glean metrics schema (version 2-0-0) that this definitions file declares.
$schema: moz://mozilla.org/schemas/glean/metrics/2-0-0
# File-level tags; they apply to every metric defined in this file.
$tags:
  - 'Core :: DOM: Security'

httpsfirst:
  # Success counter for regular HTTPS-First (pref enabled). Loads that fall
  # back to HTTP afterwards are excluded here; presumably they are the ones
  # counted by httpsfirst.downgraded, so the two counters together show how
  # often an upgrade attempt actually keeps the load on HTTPS.
  upgraded:
    type: counter
    description: >
      Counts how often a load is successfully upgraded to HTTPS because of
      HTTPS-First (`dom.security.https_first` enabled). This does not include
      loads that get downgraded again.
    bugs:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
    data_reviews:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
    # Declared data category; a bare count carries no URL or host information.
    data_sensitivity:
      - technical
    notification_emails:
      - mjurgens@mozilla.com
      - seceng-telemetry@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never

  # Same measurement as httpsfirst.upgraded, but for the schemeless variant:
  # the `dom.security.https_first` pref is disabled and the upgrade happens
  # only because the load was marked as schemeless. Kept as a separate counter
  # so the two upgrade paths can be compared.
  upgraded_schemeless:
    type: counter
    description: >
      Counts how often a load is successfully upgraded to HTTPS because of
      schemeless HTTPS-First (`dom.security.https_first` disabled, but load
      marked as schemeless). This does not include loads that get downgraded
      again.
    bugs:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
    data_reviews:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
    # Declared data category; a bare count carries no URL or host information.
    data_sensitivity:
      - technical
    notification_emails:
      - mjurgens@mozilla.com
      - seceng-telemetry@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never

  # Counts regular HTTPS-First upgrades that failed and fell back to HTTP.
  # From a security point of view every increment is a load that ended up on
  # the non-upgraded scheme. This counter is also referenced as the
  # denominator of the httpsfirst.downgraded_on_timer rate.
  downgraded:
    type: counter
    description: >
      How many regular HTTPS-First (`dom.security.https_first` enabled)
      upgrades fail and get downgraded again.
    bugs:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
    data_reviews:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
    # Declared data category; a bare count carries no URL or host information.
    data_sensitivity:
      - technical
    notification_emails:
      - mjurgens@mozilla.com
      - seceng-telemetry@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never

  # Counts schemeless HTTPS-First upgrades (pref disabled, load marked as
  # schemeless) that failed and fell back to HTTP. This counter is also
  # referenced as the denominator of the
  # httpsfirst.downgraded_on_timer_schemeless rate.
  downgraded_schemeless:
    type: counter
    description: >
      How many schemeless HTTPS-First (`dom.security.https_first` disabled, but
      load marked as schemeless) upgrades fail and get downgraded again.
    bugs:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
    data_reviews:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
    # Declared data category; a bare count carries no URL or host information.
    data_sensitivity:
      - technical
    notification_emails:
      - mjurgens@mozilla.com
      - seceng-telemetry@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never

  # Share of regular HTTPS-First downgrades that were decided by the fallback
  # timer rather than by an outright HTTPS failure: per the description, an
  # HTTP request is fired after 3s and wins if it is answered first.
  # A high rate means loads drop to HTTP because HTTPS was slow, not because
  # it was unavailable.
  downgraded_on_timer:
    type: rate
    description: >
      How many HTTPS-First (`dom.security.https_first` enabled) upgrades get
      downgraded again because the HTTP request fired after 3s received a answer
      faster than the HTTPS request.
    # The denominator is not recorded by this metric; it is taken from the
    # httpsfirst.downgraded counter (timer downgrades / all downgrades).
    denominator_metric: httpsfirst.downgraded
    bugs:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
    data_reviews:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
    # Declared data category; a ratio carries no URL or host information.
    data_sensitivity:
      - technical
    notification_emails:
      - mjurgens@mozilla.com
      - seceng-telemetry@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never

  # Schemeless counterpart of httpsfirst.downgraded_on_timer: the share of
  # schemeless HTTPS-First downgrades that were decided by the 3s fallback
  # timer (the HTTP request was answered before the HTTPS one).
  downgraded_on_timer_schemeless:
    type: rate
    description: >
      How many of schemeless HTTPS-First (`dom.security.https_first` disabled,
      but load marked as schemeless) upgrades get downgraded again because the
      HTTP request fired after 3s received a answer faster than the HTTPS
      request
    # The denominator is not recorded by this metric; it is taken from the
    # httpsfirst.downgraded_schemeless counter.
    denominator_metric: httpsfirst.downgraded_schemeless
    bugs:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
    data_reviews:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
    # Declared data category; a ratio carries no URL or host information.
    data_sensitivity:
      - technical
    notification_emails:
      - mjurgens@mozilla.com
      - seceng-telemetry@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never

  # Distribution of how long a failed regular HTTPS-First upgrade takes, from
  # navigation start until the downgrade. This is the delay a user experiences
  # before the load falls back to HTTP.
  downgrade_time:
    type: timing_distribution
    description: >
      If a HTTPS-First (`dom.security.https_first` enabled) upgrade isn't
      successful, measures the timespan between the navigation start and the
      downgrade.
    # Samples are reported in milliseconds.
    time_unit: millisecond
    bugs:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
    data_reviews:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
    # Declared data category; durations carry no URL or host information.
    data_sensitivity:
      - technical
    notification_emails:
      - mjurgens@mozilla.com
      - seceng-telemetry@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never

  # Schemeless counterpart of httpsfirst.downgrade_time: distribution of the
  # time from navigation start until a failed schemeless HTTPS-First upgrade
  # is downgraded.
  downgrade_time_schemeless:
    type: timing_distribution
    description: >
      If a schemeless HTTPS-First (`dom.security.https_first` disabled, but load
      marked as schemeless) upgrade isn't successful, measures the timespan
      between the navigation start and the downgrade.
    # Samples are reported in milliseconds.
    time_unit: millisecond
    bugs:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380
    data_reviews:
      - https://bugzilla.mozilla.org/show_bug.cgi?id=1868380#c10
    # Declared data category; durations carry no URL or host information.
    data_sensitivity:
      - technical
    notification_emails:
      - mjurgens@mozilla.com
      - seceng-telemetry@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never

security:
  # Event recorded for loads triggered by the system principal that are not on
  # the allow-list given in the description. Per the description, the data
  # feeds a long-term plan to block system-principal loads that parse
  # non-trivial data.
  # NOTE(review): unlike the httpsfirst.* metrics in this file, no
  # data_sensitivity is declared here although the extra keys carry file and
  # redirect information; confirm the intended category with data review.
  unexpected_load:
    type: event
    # The '-' items below sit at the same indentation as the surrounding text,
    # so the folded scalar (`>`) joins them into one running paragraph; they
    # are not a YAML list.
    description: >
      Long term want to block all loads from the system principal that
      cause us to parse non-trivial data. We don't look to break existing
      functionality and will allow exceptions, for this we are collecting
      information about unexpected requests triggered by the system
      principal Our measurement *excludes* acceptable requests. Those are:
      - annotated using the 'AllowedDeprecatedSystemRequests' loadinfo
      flag - using a nsContentPolicyType of FETCH, XMLHTTPREQUEST,
      WEBSOCKET, SAVEAS_DOWNLOAD or IMAGE - with a requested URI object
      has the flag URI_IS_UI_RESOURCE - if the URL scheme is 'view-source'
      - if the URL scheme is 'file' and the Content-Type is STYLESHEET or
      OTHER - if the scheme is 'jar', 'about' or 'moz-extension'
      This event was generated to correspond to the Legacy Telemetry event
      security.unexpectedload#systemprincipal.
    bugs:
      - https://bugzil.la/1644671
    data_reviews:
      - https://bugzil.la/1644671
    notification_emails:
      - fbraun@mozilla.com
      - ckerschb@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never
    # Per-event fields; all are free-form strings.
    extra_keys:
      # Filename type category, not the filename itself.
      value:
        description: >
          The `value` of the event. Mirrors to the Legacy Telemetry
          event's `value` parameter.
          The filename's type, see
          `nsContentSecurityUtils::FilenameToFilenameType(...)`.
        type: string
      contenttype:
        description: >
          Information about the content-type we expect to receive
        type: string
      remotetype:
        description: >
          Information about the remoteType in which we triggered the load
        type: string
      # NOTE(review): the description does not say how file information is
      # sanitized before it is recorded; verify against the recording code.
      filedetails:
        description: >
          Information about the file that triggered the load
        type: string
      # Only the schemes of the redirecting URLs are listed, per the
      # description, not the URLs themselves.
      redirects:
        description: >
          Comma-separated string listing schemes for URLs that we redirected from
        type: string
    # Name of the Legacy Telemetry event this Glean event is mirrored to.
    telemetry_mirror: Security_Unexpectedload_Systemprincipal

  # Event recorded when eval() or an eval()-like method is called in a
  # privileged context. The description lists the categories used to classify
  # where the call came from, and which of them report additional file detail.
  # NOTE(review): no data_sensitivity is declared here, unlike the
  # httpsfirst.* metrics in this file; confirm the intended category.
  eval_usage_system_context:
    type: event
    # Disable yamllint for long lines
    # yamllint disable
    description: >
      eval() (or an eval()-like method) was called while running in the
      System Principal context or the Parent Process.
      Expected values are:
        - chromeuri - chrome:// file
        - resourceuri - resource:// file
        - datauri - a data URI
        - bloburi - a blob URI
        - abouturi - an about URI
        - singlestring - A single file or string with no slashes
        - mozillaextension - An extension claiming to be from *mozilla.org (Deprecated)
        - otherextension - Another extension not from Mozilla (Deprecated)
        - mozillaextension_file - An extension claiming to be from *mozilla.org, loaded from a file://
        - otherextension_file - Another extension not from Mozilla, loaded from a file://
        - extension_uri - A URI with the moz-extension:// scheme
        - suspectedUserChromeJS - A filepath ending in .uc.js
        - sanitizedWindowsPath - A filepath, on Windows, sanitized by WinUtils::PreparePathForTelemetry which is a bare filename or a subpath of %ProgramFiles%, %SystemRoot%, or %TEMP%
        - sanitizedWindowsURL - A partial URL, on Windows, consisting of either file://../ followed by the value prepared as for sanitizedWindowsPath, or the bare scheme of the original url
        - other - Unknown
        - other-on-worker - We cannot do a regex; it is not a chrome, resource, data, or blob uri, but could be any other.
        - regexfailure - Our Regex Matching code threw an error

      The fileinfo key may contain additional information about the file that
      caused the eval() depending on the above value. Resource, Chrome,
      About, and SingleString will contain the full value. (About URIs
      will remove any querystring values.)

      Extensions-from-file will contain the full value; however .xpi! will be shortened to !,
      shield.mozilla.org! to s! and mozilla.org! to m!.  Data, Blob,
      UserChromeJS, Other, and Regexfailure should have no value.

      This event was generated to correspond to the Legacy Telemetry event
      security.evalUsage#systemContext.
    # yamllint enable
    # The three anchors below (&security_evalUsage_*) are aliased by
    # security.eval_usage_parent_process, so an edit to bugs, data_reviews or
    # extra_keys here changes both events.
    bugs: &security_evalUsage_bugs
      - https://bugzil.la/1567623
    data_reviews: &security_evalUsage_data_reviews
      - https://bugzil.la/1567623
    notification_emails:
      - tom@mozilla.com
      - ckerschb@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never
    extra_keys: &security_evalUsage_extra
      # Filename type category (one of the values listed in the description).
      value:
        description: >
          The `value` of the event. Mirrors to the Legacy Telemetry
          event's `value` parameter.
          The filename's type, see
          `nsContentSecurityUtils::FilenameToFilenameType(...)`.
        type: string
      # Can hold a full URI or path for several categories (see description).
      # NOTE(review): confirm that the "full value" reported for extensions
      # loaded from file:// cannot expose user-specific directory names.
      fileinfo:
        description: >
          Information about the file that triggered eval
        type: string
    # Name of the Legacy Telemetry event this Glean event is mirrored to.
    telemetry_mirror: Security_Evalusage_Systemcontext

  # Event recorded for Content-Security-Policy violations in browser.xhtml
  # caused by the policy that restricts script execution. No telemetry_mirror
  # is set for this event.
  # NOTE(review): no data_sensitivity is declared here, unlike the
  # httpsfirst.* metrics in this file; confirm the intended category.
  csp_violation_browser:
    type: event
    description: >
      Information about CSP violations that happen in browser.xhtml, that
      are caused by the Content-Security-Policy that restricts which scripts
      can execute.
    bugs:
      - https://bugzil.la/1937080
    data_reviews:
      - https://bugzil.la/1937080
    notification_emails:
      - tschuster@mozilla.com
      - freddy@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never
    # Fields taken from the SecurityPolicyViolationEvent. The source and
    # blocked-URI fields are each split into a sanitized type and sanitized
    # details instead of reporting the raw value.
    extra_keys:
      directive:
        description: >
          The same as SecurityPolicyViolationEvent's effectiveDirective.
        type: string
      sourcetype:
        description: >
          The sanitized type of SecurityPolicyViolationEvent's sourceFile,
          e.g. "chromeuri".
          This follows eval_usage_system_context sanitization procedure.
        type: string
      # May be a whole chrome:// URL in some cases, per the description.
      sourcedetails:
        description: >
          A sanitized version of SecurityPolicyViolationEvent's sourceFile,
          e.g. the whole chrome:// URL in some cases.
          This follows eval_usage_system_context sanitization procedure.
        type: string
      blockeduritype:
        description: >
          The sanitized type of SecurityPolicyViolationEvent's blockedURI.
        type: string
      # NOTE(review): unlike sourcedetails, the description does not name the
      # sanitization procedure applied to the blocked URI; confirm it.
      blockeduridetails:
        description: >
          A sanitized version of SecurityPolicyViolationEvent's blockedURI.
        type: string
      linenumber:
        description: >
          The same as SecurityPolicyViolationEvent's lineNumber.
        type: quantity
      columnnumber:
        description: >
          The same as SecurityPolicyViolationEvent's columnNumber.
        type: quantity
      # The sample is reported unsanitized ("the same as"), so the description
      # restricts it to violations from chrome:.
      # NOTE(review): confirm the recording code enforces that restriction.
      sample:
        description: >
          The same as SecurityPolicyViolationEvent's sample.
          (Only for violations from chrome:)
        type: string

  # Event recorded for Content-Security-Policy violations on internal pages
  # such as chrome:// documents. It has the same fields as
  # security.csp_violation_browser plus selftype/selfdetails, which identify
  # the violating document. No telemetry_mirror is set for this event.
  # NOTE(review): no data_sensitivity is declared here, unlike the
  # httpsfirst.* metrics in this file; confirm the intended category.
  csp_violation_internal_page:
    type: event
    description: >
      Information about Content-Security-Policy violations that happen in internal pages like chrome://
    bugs:
      - https://bugzil.la/1942622
    data_reviews:
      - https://bugzil.la/1942622
    notification_emails:
      - tschuster@mozilla.com
      - freddy@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never
    # Fields taken from the SecurityPolicyViolationEvent. The URI-valued
    # fields are each split into a sanitized type and sanitized details
    # instead of reporting the raw value.
    extra_keys:
      directive:
        description: >
          The same as SecurityPolicyViolationEvent's effectiveDirective.
        type: string
      selftype:
        description: >
          The sanitized type of the "self uri", which is roughly similar to the documentURI.
          This follows eval_usage_system_context sanitization procedure.
        type: string
      # May be a whole chrome:// URL in some cases, per the description.
      selfdetails:
        description: >
          A sanitized version of the "self uri", which is roughly similar to the documentURI,
          e.g. the whole chrome:// URL in some cases.
          This follows eval_usage_system_context sanitization procedure.
        type: string
      sourcetype:
        description: >
          The sanitized type of SecurityPolicyViolationEvent's sourceFile,
          e.g. "chromeuri".
          This follows eval_usage_system_context sanitization procedure.
        type: string
      # May be a whole chrome:// URL in some cases, per the description.
      sourcedetails:
        description: >
          A sanitized version of SecurityPolicyViolationEvent's sourceFile,
          e.g. the whole chrome:// URL in some cases.
          This follows eval_usage_system_context sanitization procedure.
        type: string
      blockeduritype:
        description: >
          The sanitized type of SecurityPolicyViolationEvent's blockedURI.
        type: string
      # NOTE(review): unlike sourcedetails, the description does not name the
      # sanitization procedure applied to the blocked URI; confirm it.
      blockeduridetails:
        description: >
          A sanitized version of SecurityPolicyViolationEvent's blockedURI.
        type: string
      linenumber:
        description: >
          The same as SecurityPolicyViolationEvent's lineNumber.
        type: quantity
      columnnumber:
        description: >
          The same as SecurityPolicyViolationEvent's columnNumber.
        type: quantity
      # The sample is reported unsanitized ("the same as"), so the description
      # restricts it to violations from chrome:.
      # NOTE(review): confirm the recording code enforces that restriction.
      sample:
        description: >
          The same as SecurityPolicyViolationEvent's sample.
          (Only for violations from chrome:)
        type: string


  # Parent-process counterpart of security.eval_usage_system_context. bugs,
  # data_reviews and extra_keys are YAML aliases of the anchors defined on
  # that event, so their content is maintained there.
  # NOTE(review): the description is a flattened copy of the category list
  # from eval_usage_system_context. The runs of spaces inside its lines are
  # part of the folded value, and its opening sentence still names both the
  # System Principal context and the Parent Process; confirm the wording.
  # NOTE(review): no data_sensitivity is declared here, unlike the
  # httpsfirst.* metrics in this file; confirm the intended category.
  eval_usage_parent_process:
    type: event
    description: >
      eval() (or an eval()-like method) was called while running in the
      System Principal context or the Parent Process. Expected values are:
      chromeuri - chrome:// file   resourceuri - resource:// file
      datauri - a data URI   bloburi - a blob URI   abouturi - an about
      URI   singlestring - A single file or string with no slashes
      mozillaextension - An extension claiming to be from *mozilla.org
      (Deprecated)   otherextension - Another extension not from Mozilla
      (Deprecated)   mozillaextension_file - An extension claiming to be
      from *mozilla.org, loaded from a file://   otherextension_file -
      Another extension not from Mozilla, loaded from a file://
      extension_uri - A URI with the moz-extension:// scheme
      suspectedUserChromeJS - A filepath ending in .uc.js
      sanitizedWindowsPath - A filepath, on Windows, sanitized by
      WinUtils::PreparePathForTelemetry                          which is
      a bare filename or a subpath of %ProgramFiles%, %SystemRoot%,
      or %TEMP%   sanitizedWindowsURL - A partial URL, on Windows,
      consisting of either file://../ followed by
      the value prepared as for sanitizedWindowsPath, or the bare scheme
      of                         the original url   other - Unknown
      other-on-worker - We cannot do a regex; it is not a chrome,
      resource, data, or blob uri, but                     could be any
      other.   regexfailure - Our Regex Matching code threw an error The
      fileinfo key may contain additional information about the file that
      caused the eval() depending on the above value. Resource, Chrome,
      About, and SingleString will contain the full value. (About URIs
      will remove any querystring values.) Extensions-from-file will
      contain the full value; however .xpi! will be shortened to !,
      shield.mozilla.org! to s! and mozilla.org! to m!.  Data, Blob,
      UserChromeJS, Other, and Regexfailure should have no value.
      This event was generated to correspond to the Legacy Telemetry event
      security.evalUsage#parentProcess.
    # Aliases of the anchors defined on eval_usage_system_context.
    bugs: *security_evalUsage_bugs
    data_reviews: *security_evalUsage_data_reviews
    notification_emails:
      - tom@mozilla.com
      - ckerschb@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never
    # Alias: the same `value` and `fileinfo` keys as eval_usage_system_context.
    extra_keys: *security_evalUsage_extra
    # Name of the Legacy Telemetry event this Glean event is mirrored to.
    telemetry_mirror: Security_Evalusage_Parentprocess

  # Event recorded when the JavaScript engine asked to load a filename that
  # was not allowed. The description reuses the value/fileinfo categories of
  # 'evalUsage', which presumably means the eval_usage_* events in this file.
  # NOTE(review): no data_sensitivity is declared here, unlike the
  # httpsfirst.* metrics in this file; confirm the intended category.
  javascript_load_parent_process:
    type: event
    description: >
      The javascript engine requested to load a filename that was not
      allowed. Expected values, and fileinfo key, are the same possible
      values as above in 'evalUsage'
      This event was generated to correspond to the Legacy Telemetry event
      security.javascriptLoad#parentProcess.
    bugs:
      - https://bugzil.la/1582512
    data_reviews:
      - https://bugzil.la/1582512
    notification_emails:
      - tom@mozilla.com
      - gijs@mozilla.com
    # No expiry date: the metric stays defined until it is removed by hand.
    expires: never
    extra_keys:
      # Filename type category, not the filename itself.
      value:
        description: >
          The `value` of the event. Mirrors to the Legacy Telemetry
          event's `value` parameter.
          The filename's type, see
          `nsContentSecurityUtils::FilenameToFilenameType(...)`.
        type: string
      # NOTE(review): the description does not say how the requested filename
      # is sanitized before it is recorded; verify against the recording code.
      fileinfo:
        description: >
          Information about the filename that was requested to be loaded
        type: string
    # Name of the Legacy Telemetry event this Glean event is mirrored to.
    telemetry_mirror: Security_Javascriptload_Parentprocess
