100%
From Additional Work

Tracking-Parameter Stripping in Firefox's Copy Clean Link

Firefox’s “Copy Clean Link” feature strips known tracking parameters when a user copies a URL. The parameters live in two JSON files: StripOnShare.json (MPL2-licensed, the open list) and a parallel LGPL-licensed file used by some downstream builds. The lists need to stay in sync, and adding a parameter is a two-file change with the same rationale on both sides. This section covers three patches across this surface, in the order they shipped.

The patches

Stripping the _gl ParameterBug 1947168 | D271523. The Google Analytics cross-domain linker parameter. When a website uses GA cross-domain tracking, copied URLs carry a _gl query parameter that identifies the visitor across domains. Anyone sharing that link is unknowingly sharing a tracking token. Adding _gl to the strip list was my first day on the team: a single entry in two JSON files. The patch itself is small; the value of the patch is that it was the entry point into Firefox’s source tree, the review system, and the conventions for landing a change against mozilla-central. Reviewer: manuel. Landed November 5, 2025.

Stripping Audible Tracking ParametersBug 1951456 | D271524. Amazon and Audible URLs carry several layers of tracking parameters: ref_, pf_rd_r, pd_rd_w, dib_tag, and others. The existing strip-on-share rules covered some Amazon domains but were missing several international Amazon sites and all Audible domains entirely. This patch extended the site rule to cover Amazon’s national variants (.de, .co.jp, .co.uk, the rest) and added Audible rules from scratch. Reviewer: manuel. Landed November 18, 2025.

Clean Copy as Default PreferenceBug 1877421 | D276776. Power users had asked for the option to make “Copy Clean Link” the default behavior of the regular Copy Link command, with “Copy Original Link” as the secondary option for cases where they need the full URL. This patch added a preference (privacy.query_stripping.strip_on_share.default_clean_copy) and wired it through three layers: the context menu in nsContextMenu.sys.mjs, the URL bar copy logic, and a toggle in the Privacy section of about:preferences. Reviewer: manuel. Landed December 16, 2025.

The arc of the work

The three patches together are a small example of how Firefox’s privacy-by-default policy gets implemented at the surface level. Each one shifts the friction: the first adds a single tracking parameter to a list users do not see; the second extends coverage across the international sites where the same parameter family is used; the third gives users the option to opt out of having to remember to choose the clean variant. The arc moves from “default behavior on a known case” to “user-configurable default behavior across many cases.” That is the recurring shape of Firefox privacy work: ship a default, extend its coverage, then give the user control over whether the default applies.

719 contributions this year@lxyhan