Closed Bug 1501989 Opened 6 years ago Closed 6 years ago

Turn the "Keep Until" cookies menulist into a checkbox

Categories

(Firefox :: Settings UI, defect, P1)

Tracking

VERIFIED FIXED
Firefox 65
Tracking Status
firefox65 --- verified

People

(Reporter: johannh, Assigned: ewright)

References

(Blocks 1 open bug)

Details

(Whiteboard: [privacy65])

Attachments

(2 files)

Assignee: nobody → ewright
Remove the keepUntil menulist and label, add a checkbox that toggles the value of 'network.cookie.lifetimePolicy' between 2 and 0.
Status: NEW → ASSIGNED
Priority: P2 → P1
Pushed by ewright@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/b8c47a4bef94
turn "keep until" menu list into a checkbox r=flod,johannh
https://hg.mozilla.org/mozilla-central/rev/b8c47a4bef94
Status: ASSIGNED → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → Firefox 65
Isn't the new checkbox label a little misleading?
As a user, seeing "Delete cookies and site data when Nightly is closed" I will expect all cookies to be deleted.

Correct me if I'm wrong, but only new cookies created since I checked this option will not be kept (session lifetime).
All cookies created before checking this option will not be deleted when Firefox is closed.

Could something like "Force cookies and site data expiration to when Firefox is closed." be more correct?
(In reply to Franck (Wip) from comment #4)
> Isn't the new checkbox label a little misleading?
> As a user, seeing "Delete cookies and site data when Nightly is closed" I
> will expect all cookies to be deleted.
> 
> Correct me if I'm wrong, but only new cookies created since I checked this
> option will not be kept (session lifetime).
> All cookies created before checking this option will not be deleted when
> Firefox is closed.
> 
> Could something like "Force cookies and site data expiration to when Firefox
> is closed." be more correct?

We've recently started to delete cookies and site data on shutdown with this setting on.
OK, so it makes sense.
Thanks for the clarification.

Is it to say that now network.cookie.lifetimePolicy=2 and privacy.clearOnShutdown.cookies=true are kind of duplicates?
They were quite already before since forcing cookies lifetime to 'session' then deleting them on shutdown was always overkill.
Will this be unified in a future version?
They aren't duplicates. network.cookie.lifetimePolicy=2 means never accept cookies in the first place (and it doesn't delete your existing cookies.) privacy.clearOnShutdown.cookies=true deletes your cookies at shutdown, and allows you to accumulate them before then. The former is a lot more aggressive and breaks many websites.

We are planning to continue to focus more on improving our default cookie settings that are turned on by default in the future, the existing fine grained controls should continue to work for now.
Ehsan, aren't you mixing up network.cookie.cookieBehavior and network.cookie.lifetimePolicy?
  network.cookie.cookieBehavior = 2 --> block all cookies by default
  network.cookie.lifetimePolicy = 2 --> Accept for current session only
(ref: https://developer.mozilla.org/en-US/docs/Mozilla/Cookies_Preferences)

My current settings in Firefox 63 are the following:
  - network.cookie.cookieBehavior = 0 which translates in the UI as "Accept cookies and site data"
  - network.cookie.lifetimePolicy = 2 which translates in the UI "Keep until: Firefox is closed"
  - a whitelist of exceptions is defined for sites I want to stay connected
  - cookies are NOT cleared on shutdown
So that every site works fine and cookies are not kept when closing Firefox except for a few handpicked sites.
These settings are all surfaced through the preference UI, so I suppose I'm not the only one using Firefox like this.
And now I'm starting to worry, will this configuration break when updating to Firefox 65?

---

More on point with this ticket's purpose, from a UI standpoint there is now a duplicated setting (see screenshots):
  - "Delete cookies and site data when Nightly is closed"
  - "When closed, Nightly should automatically clear all"..."Cookies"
The wordings are almost identical although they do not surface the same flags/variables (don't know how to call it).

As a side note, from a behavioral point of view, my observation was that, without any existing cookies and no exceptions, not keeping cookies (network.cookie.lifetimePolicy=2) or clearing them all on exit (privacy.clearOnShutdown.cookies=true) had always led to the same result: no cookies when Firefox is closed.
Yup, you're right about that. These settings really need some more consolidation, but it's not an immediate concern for us, I think. Can you file a new bug about this duplication, please?
Flags: needinfo?(wip.the.gruik)
(A technical difference being that for lifetimePolicy we honor cookie exceptions while we do not for clearOnShutdown, I believe)
(In reply to Franck (Wip) from comment #8)
> Ehsan, aren't you mixing up network.cookie.cookieBehavior and
> network.cookie.lifetimePolicy?

My bad.  You wrote network.cookie.lifetimePolicy but I read it as network.cookie.cookieBehavior.  :-(  You should ignore all of comment 7 (and I need a new pair of glasses, sorry about that!)

Still, there is a big difference between network.cookie.lifetimePolicy and privacy.clearOnShutdown.cookies, which is that the latter setting is applied during shutdown while the former is part of the Firefox cookie policy settings which is applied right away as Firefox accepts a cookie. With privacy.clearOnShutdown.cookies, for example if your session crashes your cookies won't be cleared until the next clean shutdown, but there is no such loophole around network.cookie.lifetimePolicy. Another difference is comment 11.

Note that there are other privacy.clearOnShutdown.* settings for clearing other types of site data which is really why the cookie setting exists.  It was probably a historical mistake to have invented privacy.clearOnShutdown.cookies in the first place since its use case can mostly be achieved by network.cookie.lifetimePolicy anyway.  :-)

>   network.cookie.cookieBehavior = 2 --> block all cookies by default
>   network.cookie.lifetimePolicy = 2 --> Accept for current session only
> (ref: https://developer.mozilla.org/en-US/docs/Mozilla/Cookies_Preferences)
> 
> My current settings in Firefox 63 are the following:
>   - network.cookie.cookieBehavior = 0 which translates in the UI as "Accept
> cookies and site data"
>   - network.cookie.lifetimePolicy = 2 which translates in the UI "Keep
> until: Firefox is closed"
>   - a whitelist of exceptions is defined for sites I want to stay connected
>   - cookies are NOT cleared on shutdown
> So that every site works fine and cookies are not kept when closing Firefox
> except for a few handpicked sites.
> These settings are all surfaced through the preference UI, so I suppose I'm
> not the only one using Firefox like this.

Indeed.

> And now I'm starting to worry, will this configuration break when updating
> to Firefox 65?

No need to worry.

> More on point with this ticket's purpose, from a UI standpoint there is now a
> duplicated setting (see screenshots):
>   - "Delete cookies and site data when Nightly is closed"
>   - "When closed, Nightly should automatically clear all"..."Cookies"
> The wordings are almost identical although they do not surface the same
> flags/variables (don't know how to call it).

That's fair.  Please file a new bug about this?

> As a side note, from a behavioral point of view, my observation was that,
> without any existing cookies and no exceptions, not keeping cookies
> (network.cookie.lifetimePolicy=2) or clearing them all on exit
> (privacy.clearOnShutdown.cookies=true) had always led to the same result:
> no cookies when Firefox is closed.

If your Firefox doesn't crash and is shut down cleanly, yes there would be no difference.
Blocks: 1504703
I have reproduced this bug with Nightly 65.0a1 (2018-10-25) on Windows 7, 64 Bit!
This bug's fix is verified with latest Nightly!

Build ID 	20181112220107
User Agent 	Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0
QA Whiteboard: [bugday-20181107]
(In reply to Johann Hofmann [:johannh] from comment #10)
> Yup, you're right about that. These settings really need some more
> consolidation, but it's not an immediate concern for us, I think. Can you
> file a new bug about this duplication, please?

Done, see bug 1507425.
Flags: needinfo?(wip.the.gruik)
(In reply to :Ehsan Akhgari from comment #12)

Thanks Ehsan for all these explanations.
Verified - Fixed on latest Nightly 65.0a1 (2018-11-28) (64-bit) on Windows 7/10 x64, Ubuntu 18.04 and Mac OS 10.14.

The "Delete cookies and site data when Nightly is closed" checkbox can be found in about:preferences#privacy.
Status: RESOLVED → VERIFIED
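
The differences between the cookie prefs described in comments 8, 11 and 12, as an added example (not Mozilla code and not part of the bug): a small Node.js check that reads `user_pref(...)` lines and reports which retention behavior is configured. The sample prefs text, the function names and the finding codes are constructed for illustration; pref meanings are those stated in the thread, and prefs absent from the text are treated as unset rather than given a default.

```javascript
// Added example, not Mozilla code. Pref meanings follow the comments in this bug.
// SAMPLE_PREFS is constructed; prefs missing from the text are treated as unset.
const SAMPLE_PREFS = `
// constructed sample profile
user_pref("network.cookie.cookieBehavior", 0);
user_pref("network.cookie.lifetimePolicy", 2);
user_pref("privacy.clearOnShutdown.cookies", true);
user_pref("browser.startup.homepage", "about:blank");
`;

const PREF_LINE = /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;\s*$/;

// Parse user_pref("name", value); lines into a Map; other lines are ignored.
function parsePrefs(text) {
  const prefs = new Map();
  for (const line of text.split(/\r?\n/)) {
    const m = PREF_LINE.exec(line);
    if (!m) continue;
    try {
      prefs.set(m[1], JSON.parse(m[2])); // booleans, integers, quoted strings
    } catch {
      // value is not a plain literal: skip the line
    }
  }
  return prefs;
}

// Return findings for the three prefs the thread compares.
function auditCookiePrefs(prefs) {
  const behavior = prefs.get("network.cookie.cookieBehavior");
  const lifetime = prefs.get("network.cookie.lifetimePolicy");
  const clear = prefs.get("privacy.clearOnShutdown.cookies") === true;
  const out = [];
  const add = (code, detail) => out.push({ code, detail });
  if (behavior === 2) add("BLOCK_ALL", "cookies are blocked by default");
  if (lifetime === 2)
    add("SESSION_ONLY", "accepted for the current session only; applied as each cookie is accepted, exceptions honored");
  if (clear)
    add("CLEAR_ON_SHUTDOWN", "deleted at shutdown; exceptions not honored (comment 11, stated as a belief)");
  if (clear && lifetime !== 2 && behavior !== 2)
    add("CRASH_GAP", "after a crash, cookies remain until the next clean shutdown");
  if (clear && lifetime === 2)
    add("OVERLAP", "both settings active; the UI shows two near-identical options");
  return out;
}

const codes = (text) => auditCookiePrefs(parsePrefs(text)).map((f) => f.code).join(",");
console.log(codes(SAMPLE_PREFS));
```
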