From a2601553dff8bfca85acdc0bd589d52506c52958 Mon Sep 17 00:00:00 2001
From: pyllyukko <pyllyukko@maimed.org>
Date: Mon, 19 Feb 2018 11:12:44 +0200
Subject: [PATCH] Enable first-party isolation

Fixes #376
---
 README.md | 1 +
 user.js   | 6 ++++++
 2 files changed, 7 insertions(+)

diff --git a/README.md b/README.md
index 94f88cd..67b57c6 100644
--- a/README.md
+++ b/README.md
@@ -278,6 +278,7 @@ HTTP protocol related entries. This affects cookies, the user agent, referer and
 * Enable Subresource Integrity [ [1](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) [2](https://wiki.mozilla.org/Security/Subresource_Integrity) ]
 * Send a referer header with the target URI as the source [ [1](https://bugzilla.mozilla.org/show_bug.cgi?id=822869) [2](https://github.com/pyllyukko/user.js/issues/227) ]
 * Accept Only 1st Party Cookies [ [1](http://kb.mozillazine.org/Network.cookie.cookieBehavior#1) ]
+* Enable first-party isolation [ [1](https://bugzilla.mozilla.org/show_bug.cgi?id=1299996) [2](https://bugzilla.mozilla.org/show_bug.cgi?id=1260931) [3](https://wiki.mozilla.org/Security/FirstPartyIsolation) ]
 * Make sure that third-party cookies (if enabled) never persist beyond the session. [ [1](https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-privacy-in-firefox/) [2](http://kb.mozillazine.org/Network.cookie.thirdparty.sessionOnly) [3](https://developer.mozilla.org/en-US/docs/Cookies_Preferences_in_Mozilla#network.cookie.thirdparty.sessionOnly) ]
 
 ### Caching
diff --git a/user.js b/user.js
index 4621e80..4e8c1a3 100644
--- a/user.js
+++ b/user.js
@@ -698,6 +698,12 @@ user_pref("network.http.referer.spoofSource",			true);
 // CIS 2.5.1
 user_pref("network.cookie.cookieBehavior",			1);
 
+// PREF: Enable first-party isolation
+// https://bugzilla.mozilla.org/show_bug.cgi?id=1299996
+// https://bugzilla.mozilla.org/show_bug.cgi?id=1260931
+// https://wiki.mozilla.org/Security/FirstPartyIsolation
+user_pref("privacy.firstparty.isolate",				true);
+
 // PREF: Make sure that third-party cookies (if enabled) never persist beyond the session.
 // https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-privacy-in-firefox/
 // http://kb.mozillazine.org/Network.cookie.thirdparty.sessionOnly
-- 
2.11.4.GIT