MozillaZine

SeaMonkey 2.19 to NOT block third party cookies by default

Discussion about Seamonkey builds
rsx11m
Moderator
 
Posts: 14425
Joined: May 3rd, 2007, 7:40 am
Location: US

Post Posted February 26th, 2013, 10:14 am

From Firefox Builds, viewtopic.php?f=23&t=2667761
Reflective wrote:It would appear that Mozilla is going the Safari route to block third party cookies by default. It's also been suggested that users clear all cookies before installing that version which is a bit controversial.

More on the subject here: The New Firefox Cookie Policy

The post isn't entirely accurate, only 3rd-party cookies (coming from websites other than the website which you are currently visiting, frequently tracking sites, but also content sites for images, etc.) from websites which you haven't been actively visiting before are blocked.

For example, if Facebook wants to set a cookie for a "Like" button in another web page, it initially wouldn't be allowed to do so. But, if you go to the primary Facebook website to view some stuff, thus acquiring some permitted cookies from that visit, subsequent return visits to the other site would now allow the "Like" button to use the 3rd-party cookies as there has been a permitted "visit" of that site before. From the user-tracking point of view this leaves some loopholes, but it's better than the previous default which just blindly allowed the 3rd-party cookies, thus supporting tracking.

This breaks the Privacy & Security > Cookies preference pane on trunk, I've filed bug 845353 on that.

tqft

User avatar
 
Posts: 1232
Joined: April 22nd, 2003, 11:57 pm

Post Posted February 28th, 2013, 9:41 pm

Thanks I was wondering about how that was going to work

rsx11m
Moderator
 
Posts: 14425
Joined: May 3rd, 2007, 7:40 am
Location: US

Post Posted March 1st, 2013, 7:59 am

There are certainly still a couple of unknowns (i.e., whether or not iframes have their own context with respect to what "3rd-party" cookies are), thus keep watching the respective bugs for any movement.

rsx11m
Moderator
 
Posts: 14425
Joined: May 3rd, 2007, 7:40 am
Location: US

Post Posted March 2nd, 2013, 8:30 pm

rsx11m wrote:This breaks the Privacy & Security > Cookies preference pane on trunk, I've filed bug 845353 on that.

My patch has landed this evening, thus the UI issues should be resolved with the next SM 2.19 nightly.

vazhavandan
 
Posts: 739
Joined: December 10th, 2007, 8:27 am

Post Posted March 3rd, 2013, 11:11 pm

Can we toggle this setting using following settings?
Edit==>Preferences==>Privacy==>Cookies

rsx11m
Moderator
 
Posts: 14425
Joined: May 3rd, 2007, 7:40 am
Location: US

Post Posted March 4th, 2013, 6:17 am

Exactly, you can set it to "Allow all cookies" again if you wish.

rsx11m
Moderator
 
Posts: 14425
Joined: May 3rd, 2007, 7:40 am
Location: US

Post Posted March 15th, 2013, 8:39 pm

Bug 851606 was filed today to determine whether or not the new cookie behavior and making it the default will be allowed to go into aurora (and subsequently beta) with the upcoming merge in about two weeks. If decided not to make this effective with Gecko 22.0/SeaMonkey 2.19, options include to either back this out entirely (i.e., we'd also have to back out the UI changes from aurora) or just reversing the default to "All cookies" while leaving the functionality itself intact (thus allowing users to test it).

rsx11m
Moderator
 
Posts: 14425
Joined: May 3rd, 2007, 7:40 am
Location: US

Post Posted June 26th, 2013, 9:00 pm

Like Firefox 22.0, SeaMonkey 2.19 will be shipped with the old default to allow all cookies (thus also from unvisited third parties). As discussed in bug 818340, the goal is now to establish some Cookie Clearing House first to catch any false positive exclusions that may break sites while (hopefully) maintaining the usefulness of the feature.

Return to SeaMonkey Builds


Who is online

Users browsing this forum: No registered users and 1 guest