Privacy/Features/Per-Site Third-Party Cookie Setting

From MozillaWiki

Status

Per-Site Third-Party Cookie Setting
Stage Landed
Status Complete
Release target Firefox 18
Health OK
Status note `

Team

Product manager `
Directly Responsible Individual Monica Chew
Lead engineer `
Security lead Curtis Koenig
Privacy lead Sid Stamm
Localization lead `
Accessibility lead `
QA lead Ioana Budnar
UX lead `
Product marketing lead `
Operations lead `
Additional members `

Open issues/risks

`

Stage 1: Definition

1. Feature overview

It would be nice to allow users to control third-party cookie sending on a per-site basis. This way users can more granularly manage trust for sites that cookie them.

2. Users & use cases

  • I trust the entire web by default, but distrust evilTrackingCompany.com (who shows ads on sites). I want to disable sending them cookies in a third party context, but not lose that functionality on the entire web.
  • I don't like the idea of third party cookies, but want facebook connect to provide context when I visit sites. I would like to allow third party cookie-sending for facebook.com, but not for other web sites.

3. Dependencies

`

4. Requirements

  1. Plumbing for per-site third-party cookie preference. Right now we have a global preference, but not a way to dictate third-party behavior per site.
  2. User interface tweak so that these settings are available in about:permissions
  3. This must interact predictably with the global third-party cookie preference; if a user stores a site-specific preference for third-party cookies, it overrides any global preference. (Users can specify a global "allow" or "deny" by default, and then state per-site exceptions to that rule.)

Non-goals

  • This is not cookie double-keying.
  • This does not dictate default behavior (e.g., changing the default to turn off all third party cookies).

Stage 2: Design

5. Functional specification

`

6. User experience design

Stage 3: Planning

7. Implementation plan

  • UI: bug 770705
    • about:permissions, add 'Set 3rd Party Cookies' (o) Allow (o) Deny
    • This consumes the nsCookiePermissions API to add or remove new domain flags
  • Testing
    • A thorough battery of tests will be required to prove the API changes are correct
  • Additional Research
    • Determine the UX for Firefox Mobile, B2G - there is no about:permissions on any mobile release target

8. Reviews

Security review

`

Privacy review

`

Localization review

`

Accessibility

`

Quality Assurance review

`

Operations review

`

Stage 4: Development

9. Implementation

This probably involves adding a constant to nsICookiePermission.idl to state whether or not third party cookies are allowed for the specified origin. It probably also involves tweaking nsCookieService.cpp to check for both the global and origin-specific third party cookie permissions (see line 3122 of that file).

Relevant: bug 564877 - allow cookies but do not transmit in third-party context. We could probably improve upon this to block setting in third-party context too (not deleting them, but just not modifying or reading from the origin's cookie jar in a third party context).

Cookie behavior

The 3rd party per-site rules should be checked for and applied as an override to any global settings:

  • 3rd Party Cookie Global DENY & foo.com 3rd party cookie ALLOW
    • A page at baz.com gets/sets bar.com 3rd party cookie: DENY
    • A page at baz.com gets/sets foo.com 3rd party cookie: ALLOW
  • 3rd Party Cookie Global ALLOW & foo.com 3rd party cookie DENY
    • A page at baz.com gets/sets foo.com 3rd party cookie: DENY
    • A page at baz.com gets/sets bar.com 3rd party cookie: ALLOW
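
The override rule above as an added C++ sketch (not code from nsCookieService.cpp or any other Mozilla source). All type and function names are hypothetical, and it assumes callers pass base domains, so that equal strings mean a first-party context.

```cpp
#include <map>
#include <string>

// Hypothetical names throughout; this is not Mozilla's implementation.
enum class Decision { Allow, Deny };
enum class SitePerm { Unset, Allow, Deny };

struct ThirdPartyCookiePolicy {
    Decision globalThirdParty;                // global third-party preference
    std::map<std::string, SitePerm> perSite;  // keyed by the cookie owner's domain

    // Assumption: both arguments are already base domains, so a plain
    // comparison is enough to tell first-party from third-party.
    static bool IsThirdParty(const std::string& pageDomain,
                             const std::string& cookieDomain) {
        return pageDomain != cookieDomain;
    }

    Decision Check(const std::string& pageDomain,
                   const std::string& cookieDomain) const {
        // This sketch models only the third-party settings, so a
        // first-party access is never blocked here.
        if (!IsThirdParty(pageDomain, cookieDomain)) {
            return Decision::Allow;
        }
        // A stored per-site rule overrides the global preference.
        auto it = perSite.find(cookieDomain);
        if (it != perSite.end() && it->second != SitePerm::Unset) {
            return it->second == SitePerm::Allow ? Decision::Allow
                                                 : Decision::Deny;
        }
        // No site-specific rule: fall back to the global preference.
        return globalThirdParty;
    }
};
```

The rule is looked up under the cookie owner's domain (foo.com), not the page being visited (baz.com), which is why a DENY for foo.com leaves visits to foo.com itself unaffected.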

Stage 5: Release

10. Landing criteria

`


Feature details

Priority P1
Rank 3
Theme / Goal Tracking Control
Roadmap Privacy
Secondary roadmap `
Feature list Platform
Project `
Engineering team Privacy

Team status notes

  status notes
Products ` `
Engineering ` `
Security sec-review-needed
   
ID Summary Priority Status
807469 SecReview: atus Per-Site Third-Party Cookie Setting -- RESOLVED

1 Total; 0 Open (0%); 1 Resolved (100%); 0 Verified (0%);

Privacy ` `
Localization ` `
Accessibility ` `
Quality assurance Signed off Test Plan
User experience ` `
Product marketing ` `
Operations ` `