Closed Bug 1249889 Opened 8 years ago Closed 11 months ago

Cookie wildcard handling non working anymore on Firefox for Mac OSX.

Categories

(Core :: Permission Manager, defect)

Product:
Core
Component:
Permission Manager
Version:
42 Branch
Type:
defect

Tracking

()

Status:
RESOLVED WONTFIX

People

(Reporter: oxo141304, Unassigned)

References

Details

(Keywords: regression) 

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36

Steps to reproduce:

Since the split of cookie exception according to their protocol (HTTP or HTTPS) in Firefox 42, we can't handle cookie exceptions with a wildcard anymore on the Mac OSX version.

For example, before v42, adding the exception "google.com" allowed any cookie from google.com regardless of the protocol, but also from all subdomains of it.

Since v42, we need to write the exceptions "http://www.google.com" and "https://google.com", which is fine to me as we should indeed differentiate protocols.
My problem is this doesn't allow all the subdomains from the namespace. The general rule "google.com" is not allowed anymore.

There is now way to allow something that would look like :
"http://*.google.com"
"https://*.google.com"

For some big websites that have a incredible lot of subdomain with no real clear names (Google, Facebook...), we can't list all the subdomains.

Some functionalities of those websites doesn't work properly with only the main page allowed in the cookie exception list. This is for instance the case for the Facebook chat, that doesn't refresh if only "https://www.facebook.com" is allowed.


Actual results:

Since Firefox 42 for Mac OSX, there is no way to allow all the subdomains of a website to write cookies. Only an exact specific web page.

The only way to do it is to allow cookies for all websites... Therefore the cookie managing tool is useless.


Expected results:

We should be able to handle the cookie exception the same way than v42. The more general it is, the more it allows cookies...

"google" would allow cookies from any protocol, any subdomains, and in ".com", ".fr", etc...

By level of specificity :
"google"
"google.com"
"mail.google.com"
"https://www.mail.google.com"

And "*" for wildcard.

The more you write in the rule, the more it restricts : writing a protocol aims this specific protocol, writing a subdomain aims only this subdomain.
Component: Untriaged → File Handling
OS: Unspecified → Mac OS X
Hardware: Unspecified → x86_64
Severity: normal → major
Component: File Handling → Preferences
I reported a similar bug after the new permission manager (bug 1210379).
Blocks: 1165263
Component: Preferences → Permission Manager
Product: Firefox → Core
Version: 44 Branch → 42 Branch
blocking-b2g: 2.2? → ---
tracking-b2g: backlog → ---
This is also true on seamonkey on linux 2.40.

I really preferred the old Cookie Monster AddOn. It provided a toolbar icon. Sometime websites popup small windows with no menus. Then enabling cookies for this window is impossible, since it's domain is not accessible to the windows with menus.

Removing severity/priority so this can be properly triaged.

When we switched to origin based permissions, we lost the ability to do wildcard permissions.

I'm going to mark it as a regression because that's technically what it is even though we can't fix the thing that regressed it.

Severity: major → --
Status: UNCONFIRMED → NEW
Ever confirmed: true
Keywords: regression
OS: macOS → All
Hardware: x86_64 → All
Status: NEW → RESOLVED
Closed: 11 months ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.