Consider a tab context menu option to convert a normal tab to a container

[pmac]

I often click a link from an external app and a normal tab opens, but I'm logged into the web app in a container. I'd like to be able to just convert the tab rather than copy the URL, close the original tab, open a new container tab, and paste the URL.

[the8472]

Because the web has many features which makes this hard like window.opener this would also indeed break OAuth as previously mentioned. If you wanted opener to work across containers it is a privacy issue.

But I don't. OAuth is equivalent to privacy leakage. Of course I do not want it to work by default.

[jonathanKingston]

Yeah so if we sever opener between navigations this would break PayPal in this instance and other OAuth providers. That isn't an issue just something the extension author would need to know.

However yeah handling the opener state back and forward between navigations isn't super simple. Let's continue the conversation on Bugzilla thank you for updating there too!

[Stis]

@jonathanKingston Tile Tabs like i love it right now with Multifox on FF52.0.2 Tile Tabs WE like i will never use it. The more I see from WE, the more i feel i'll stay far away from it... :(

And if I don't use Tile Tabs anymore, I don't need to avoid the "destroy and recreate" part of changing context. :]

[jonathanKingston]

@Stis ah ok, I think they are likely to allow the window of Firefox to be hidden more in future so I think that will become more like the old version over time.

[saboxerman]

Hello,

The most recent comments have left me with a little head spinning as I'm not well versed in these sort of issues.

Is there any speculation on the topic of this thread occurring?

Another thought I can at least work with is having tabs open up in a certain container as a default when I open my browser. Meaning, dictating one eBay tab to open normally, another to open in a Business container, and my third opening in a Shopping container. I could live with that.

[saboxerman]

Just dug a little further. Context Plus 100% resolves what I need tabs to do.

[jonathanKingston]

I created the wiki page which is perhaps clearer. Happy to answer questions to make it clearer though.

[neclimdul]

"Essentially you turn containers into a organisational tool rather than a privacy one. "

This is actually exactly the opposite of the reason I want to move containers.

Lets follow the process: 1) Click a link in email. 2) "Oh, I'm not logged in to application X... right not the correct context. "

No there are two options 1) I copy the url, open a new tab in the container, paste the url and go, close the old tab. This just bypasses the privacy concern but it also makes me angry because I had to grab my mouse and do a bunch of stuff. 2) I log in. This not only bypasses the privacy, it messes up all the privacy on my hole un-associate container. Also, again I'm angry because containers didn't work for me.

In reality, just sending a URL to a container is the least destructive privacy option and people are going to do it anyway or not use containers so it could at least be easier and done in a way that the extension has the possibility of cleaning up tracking tokens and stuff.

[ArchangeGabriel]

So, I’ve finally found some time to read everything about this issue and I now see what the point is, but my opinion is that this is plainly wrong anyway.

The concern is about privacy leaking when reloading the URL into another container. But not allowing to reload an existing tab into a different container does not solves this, because instead people will just do as they do now, i.e. reloading tabs manually but with the same result regarding privacy! So unless you’re planning to educate users about it (which would by the way be a tad easier if you had a warning about this in the reloading tab in a different container UI), refusing this non-feature makes no sense to me.

So as far as privacy is concerned, I’ve come to realize that there is only one solution: every site is a container, which is a title I’ve seen in my GitHub notifications but have yet to read about. But anything else means you will end up at some point leaking privacy.

Now don’t get me wrong: I’m looking for privacy, not tab management. But it’s not until now and reading everything that I understood the privacy implications of my behaviour. And indeed I don’t want to reload a tab into a different container, at least not blindly (but I think no-one ever thought about blindly reloading, generally we always have good reasons to do so), but I didn’t know that before reading everything here. So that’s my point on educating users: in the current way of doing things, they are no warnings, just something that looks like a missing feature in this add-on.

[cj1985]

Has this issue ever been solved or has it been stonewalled by one or two powerful figures' obsession over privacy?

(I love it when those in control think that how they trade-off privacy/safety and convenience is also how everyone in the world should do so. It's like if they prefer vanilla to chocolate, they think that everyone in the world should do so too. No, some of us are actually adults who are capable of deciding if we prefer chocolate to vanilla.)

The only reason I'm using Containers rather than MultiFox is that MultiFox was shut down. I'd much rather still be using MultiFox which was far better, especially because of this one single feature.

If you're obsessed over privacy, a very simple solution is to offer an additional option where Containers users can choose whether they want this feature. I don't know why this hasn't been done yet.

                                 - Just another annoyed user.

[jplatte]

@cj1985 This issue has been solved insofar as there being another addon that adds this feature if you want it: https://addons.mozilla.org/nn-no/firefox/addon/context-plus/

[cj1985]

@jplatte: Thanks, this Context Plus add-on you recommend is certainly an improvement over the status quo. However it still isn't as quick and convenient as MultiFox. Ideally, what I (and I believe many others) would like are these features (which were provided by MultiFox):

Feature A. Step 1. Click once on Multi-Container button, list of profiles shows up. Step 2. Click on desired profile, new tab opens with current URL but with selected profile.

(In contrast, the Context Plus add-on requires that I (i) right-click on the tab; (ii) move mouse cursor down to "Move to Context" and wait for further drop-down window to appear; (iii) then "Ctrl+Click" desired profile.)

Feature B. The ability to rapidly open the same URL across multiple profiles. With MultiFox I could just click the MultiFox button, then click-click-click-click across all my different profiles and open up multiple tabs with the same URL, but each with a different selected profile.

(In contrast, the Context Plus add-on closes the earlier drop-down windows and immediately brings me to the new tab once I click on one profile.)

Hopefully someone can modify this add-on to have the above features. (I have also added the above requests as a review to the Context Plus add-on download page.)

[jplatte]

@cj1985 I'm not an addon dev. I'd recommend pitching this to the developer(s) of Context Plus, probably via a GitHub issue (https://github.com/totallymike/contextPlus/issues).

[Karlheinzniebuhr]

+1

[maphew]

I created the wiki page which is perhaps clearer. Happy to answer questions to make it clearer though.

Thanks for the wiki page. It made this long twisting thread understandable. Maybe edit the OP to reference it.

My 2c: "Containers" is an unfortunate choice of word, "Profiles", "Personalities" or at least "Profile containers" would be better. Containers are bins I throw things in to manage them, like with like, cups with glasses, bowls with plates. That's what I want to do most often with my tabs, without concern for privacy, it's all me and they're all mine, in the same kitchen.

Profiles are when I want different personalities and strong divisions between, different kitchens, a.k.a privacy. Using a name that highlights the design purpose might help with the confusion and reduce the 'another annoyed user' occurrences.

[faelin]

Why is this not a high-risk config item that I (the end user) can choose to override? I am mostly using containers for reasons other than tracking privacy, but the ability to quickly "containerize" a tab in-place so that it is added to a container or moved to a different container would save me the currently equivalent right-click -> "Open in New Container Tab" -> close old tab. I can already do this in three clicks, why make me create a macro to allow this? Just let me do this by default!

[reikred]

Honest question: Is it also insecure to open a new tab in the desired container, then copy/paste the URL from the old (wrong) container to the new (correct) container? That is, will this potentially reveal that these two containers are in the same browser instance?

[faelin]

TL;DR: yes, copy/pasting specific (unique) URLs increases your likelihood of being tracked, but you're already at risk of being fingerprinted even if you properly use containers, due to your browser's unique characteristics.

@reikred that somewhat depends on the nature of the URL you are opening. If it contains personalized tracking information in the URL query path (such as a unique user id, share-id, link-id, or other such session tracking parameters) then yes, the web server will potentially correlate the two browser "sessions" (containers) as belonging to the same user.

However, if you were copy something generic, such as say http://www.google.com, then the containers are as isolated as if you opened a private browser session: there are still identifiable features that the server may be able to track (there are many resources for learning more about browser fingerprinting, but I recommend amiunique.org). In other words, even with containers, the average web server may still be able to identify you as a unique user, and correlate your various containers as belonging to you.

[reikred]

@faelin , Great reply. I understand. URL with embedded personalized tracking parameters such as ?share-id=someuniquehexstring are a definite problem.

Going one step further: The OP proposed a function to move a tab to a different container. Suppose the move function removed all URL parameters from that tab (and it's history) URLs before moving the tab. Remove anything of the form ?name=value.

Would that make the move operation no less of a privacy concern than the copy-paste-to-other-tab-within-correct-container?

You can probably see where I am going with this idea...

[faelin]

It is not a safe operation to "blindly" remove tracking parameters from a URL. There are blockers (such as uBlock Origin) which offer options to strip suspected tracking parameters, but there is currently no way to reliably/safely do so automatically. Stripping parameters that look like tracking parameters, may damage your session or retrieve unintended paths. Moreover, most websites use query parameters (i.e. anything of the ?name=value format) for many necessary operations, for example when using a search function.

EDIT: this add-on for Firefox has made an attempt at this exact behavior (although it will not be 100% reliable): https://addons.mozilla.org/en-US/firefox/addon/clearurls/

However, you are correct: there is no greater risk in allowing users a shortcut to "reopen tab in new container" versus the copy-paste-close actions described above. There is no reason to limit this kind of operation aside from an attempt to "idiot-proof" the Containers system (and, as we know, "if you make something idiot-proof, someone will just make a better idiot").

In fact, I have installed the Switch Containers add-on for Firefox, which enables the exact behavior we are requesting. However, the add-on is not monitored for security risk, and so an official addition to the Firefox Containers system that enables this behavior would be far preferable.

[reikred]

@faelin, another great reply. I will try switch-container

[pmac]

I've used this one to move tabs between container contexts for years now and it's worked well https://github.com/totallymike/contextPlus

[reikred]

Sadly, none of the addons suggested thus far preserve the tab history.

switch-container did not work at all for me (functionality not added in any menus AFAICT).

switch-container-plus works but does not copy the tab history

contextPlus github page says it does not copy tab history

I guess the next thing I might look for is an addon that can export and import a tab history...

[faelin]

@reikred you are right, the history isn't preserved. I've grown used to that, but I agree that it's a problem! It would be a huge benefit to have that built natively into the behavior :(

To be blunt, I think that any admin resistance to this feature as a concept is purely due to personal opinion, and not a reasonable security concern. However, I am not a Firefox developer, so I cannot comment on the difficulty of implementation. Perhaps I can attempt to build a fix and send a pull request!