tree: d7974fbf63928762474c0d81bde6718067670ed8 [path history] [tgz]
  1. btm_bounce_detector.cc
  2. btm_bounce_detector.h
  3. btm_bounce_detector_browsertest.cc
  4. btm_bounce_detector_unittest.cc
  5. btm_browsertest_utils.cc
  6. btm_browsertest_utils.h
  7. btm_database.cc
  8. btm_database.h
  9. btm_database_migrator.cc
  10. btm_database_migrator.h
  11. btm_database_migrator_unittest.cc
  12. btm_database_unittest.cc
  13. btm_helper_browsertest.cc
  14. btm_navigation_flow_detector.cc
  15. btm_navigation_flow_detector.h
  16. btm_navigation_flow_detector_browsertest.cc
  17. btm_page_visit_observer.cc
  18. btm_page_visit_observer.h
  19. btm_page_visit_observer_browsertest.cc
  20. btm_page_visit_observer_test_utils.cc
  21. btm_page_visit_observer_test_utils.h
  22. btm_page_visit_observer_unittest.cc
  23. btm_service_impl.cc
  24. btm_service_impl.h
  25. btm_service_unittest.cc
  26. btm_state.cc
  27. btm_state.h
  28. btm_storage.cc
  29. btm_storage.h
  30. btm_storage_unittest.cc
  31. btm_test_utils.cc
  32. btm_test_utils.h
  33. btm_test_utils_browsertest.cc
  34. btm_utils.cc
  35. btm_utils.h
  36. btm_utils_unittest.cc
  37. cookie_access_filter.cc
  38. cookie_access_filter.h
  39. cookie_access_filter_unittest.cc
  40. DEPS
  41. DIR_METADATA
  42. OWNERS
  43. persistent_repeating_timer.cc
  44. persistent_repeating_timer.h
  45. persistent_repeating_timer_unittest.cc
  46. README.md
content/browser/btm/README.md

Bounce Tracking Mitigations (BTM)

This directory contains the code for Chromium's Bounce Tracking Mitigation (BTM) feature. BTM aims to mitigate the privacy impact of “bounce tracking,” a technique used to track users across websites without relying on third-party cookies (3PCs).

For historical reasons, some of the code in this directory is also used to support mitigations against using popups to simulate 3PCs.

What is bounce tracking?

Bounce tracking involves redirecting users through a tracker website, often without their knowledge or interaction. This allows the tracker to set or access first-party cookies, effectively circumventing third-party cookie restrictions and user privacy preferences.

How does BTM work?

BTM detects potential bounce tracking by analyzing website behavior, including:

  • Short dwell times on a website before redirecting.
  • Programmatic redirects (as opposed to user-initiated ones).
  • Writing to storage (cookies, etc.) before redirecting.

If BTM determines that a website is likely involved in bounce tracking and there‘s no indication of legitimate user interaction with the site, it automatically deletes the site’s storage (eTLD+1) after a brief grace period.

Goals of BTM

  • Reduce cross-site tracking: Limit the ability of bounce trackers to identify and track users across different contexts.
  • Protect user privacy: Prevent bounce tracking from circumventing third-party cookie restrictions.
  • Maintain compatibility: Avoid disrupting legitimate use cases like federated logins and payment flows that rely on redirects.
  • Adaptability: Mitigate tracking by short-lived domains that may evade traditional blocklist-based approaches.

Non-Goals

  • Replacing third-party cookie blocking: BTM is primarily designed for environments where third-party cookies are already restricted.
  • Mitigating tracking by sites with significant first-party activity: BTM focuses on incidental parties (sites without meaningful user interaction) and may not be effective against sites with substantial first-party engagement.

Further Reading