Closed Bug 232522 Opened 21 years ago Closed 21 years ago

pref capability.policy.default.HTMLDocument.cookie.set noAccess prevents site from displaying correctly

Categories

(Core :: Networking: Cookies, defect)

Product:
Core
Component:
Networking: Cookies
Platform:
x86
Windows 2000
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
VERIFIED INVALID

People

(Reporter: woecherl, Assigned: darin.moz)

References

(
URL
)

Details

User-Agent:       
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.0; de-AT; rv:1.6) Gecko/20040113

The page http://www.novell.com does not display correctly: no navigation bar on
top & bottom of page (in dark grey), only the "main content" text on it's white
background.
Usually a redirection to a language-specific URL occurrs automaticall, e.g. to
http://www.novell.com/en-us/, but this does not happen. Instead, JavaScript
console displays some errors (see "Actual Results")


Reproducible: Always
Steps to Reproduce:
1. Exit Mozilla, also in Taskbar (if QuickStart is Enabled)
2. Add the following line to your prefs.js:
user_pref("capability.policy.default.HTMLDocument.cookie.set", "noAccess");
and save the file.
(you can find prefs.js in /Documents and Settings/<user>/Application
data/Mozilla/Profiles/<mine>/<something>.slt (I hope the English path names are
correct; I use the German version of Windows)
3. Start Mozilla, delete all cookies that have domain novell.com, and go to
http://www.novell.com


Actual Results:  
JavaScript console displays "Error: uncaught exception: permission for setting
property HTMLDocument.cookie denied"  (and some consecutive errors)
Most probably write access to document.cookie fails in the site's startup
JavaScripts

Expected Results:  
Redirection to language-specific URL, full display of page.

I have first asked Novell Support for a solution, and they told me that I must
have cookies disabled. I playen around with the preferences settings in "Privacy
and Security" / Cookies, but the problem didn't go away. Then I rembembered that
prefs.js I had read about earlier, and searched for "cookie" in it revealing the
setting mentioned above.
I also checked out about:config, but
"capability.policy.default.HTMLDocument.cookie.set" is not listed there.
I assume that this setting is deprecated in some way, but some part of the
browser still pays attention to it. I must mention that I usually upgrade to the
next Mozilla version by downloading the zip file and unpacking it to my Program
Files\Mozilla.org\Mozilla (of course I delete the old one first). But all other
settings remain untouched, so there can easily be relicts of old versions in the
profile or whereever.
Why did you set that pref?  Setting that pref has the effect of halting script
execution whenever a website tries to set document.cookie to any value.  If you
want to prevent sites from setting cookies, then do so via the
Privacy&Security>Cookies pref panel, not via capability prefs (which are not
deprecated but specific to the JS security manager and are not really meant for
people to touch unless they know what they are doing, thus they are
intentionally hidden from about:config.)

This pref is working as designed, so invalid.
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → INVALID
Verified.  Old (pre-1.0) versions of Mozilla set that pref for the cookie stuff
in preferences, but that's been fixed for ages...
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.