Yellowlist *.prismic.io

[hansottowirtz]

What is your browser and browser version?

Chrome 69.0.3497.100

What is broken and where?

I build sites using prismic.io, a headless CMS. However, *.prismic.io and *.cdn.prismic.io are blocked, so I have to disable name-of-site.prismic.io and then name-of-site.cdn.prismic.io in privacy badger before being able to use the site. An example of such a site is greenplease.be.

What is the domain that causes breakage when blocked? What is your debug output for this domain?

All *.prismic.io sites.

**** ACTION_MAP for prismic.io
VM414:5 factalight.cdn.prismic.io {
  "dnt": false,
  "heuristicAction": "block",
  "nextUpdateTime": 1538368618593,
  "userAction": "user_cookieblock"
}
VM414:5 factalight.prismic.io {
  "dnt": false,
  "heuristicAction": "",
  "nextUpdateTime": 1538592620283,
  "userAction": "user_cookieblock"
}
VM414:5 greenplease.cdn.prismic.io {
  "dnt": false,
  "heuristicAction": "allow",
  "nextUpdateTime": 1538815572236,
  "userAction": "user_cookieblock"
}
VM414:5 prismic.io {
  "dnt": false,
  "heuristicAction": "block",
  "nextUpdateTime": 0,
  "userAction": ""
}
VM414:5 greenplease.prismic.io {
  "userAction": "user_cookieblock",
  "dnt": false,
  "heuristicAction": "",
  "nextUpdateTime": 1538586606409
}
VM414:7 **** SNITCH_MAP for prismic.io
VM414:9 prismic.io [
  "greenplease.be",
  "greenplease.localhost",
  "factalight.be"
]

[ghostwords]

This is another set of broken sites caused by Badger not auto-learning to block Google Analytics (#367). When you visit prismic.io directly, GA sets a first-party cookie on prismic.io; Prismic uses prismic.io subdomains scoped to the GA cookie to serve static resources; Badger learns to block those subdomains.

[bcyphers]

Related to this, should we ignore *.localhost first-party domains when identifying trackers?

[ghostwords]

Perhaps ... Maybe we should apply existing learning but not learn anything new when on a .localhost page? Let's continue in #817.