Closed
Bug 104890
Opened 24 years ago
Closed 24 years ago
P3P: Treat no-identifiable-info same as requires-explicit-consent
Categories
(Core :: Networking: Cookies, defect)
Tracking
()
RESOLVED
FIXED
mozilla0.9.6
People
(Reporter: morse, Assigned: morse)
Details
Attachments
(1 file)
|
1.46 KB,
patch
|
harishd
:
review+
alecf
:
superreview+
|
Details | Diff | Splinter Review |
The website's compact policy might say that the site does not collect
identifiable information. However we do not have a catagory for that in our p3p
processing of cookies. The catagories that we have are:
has no compact policy
has policy and does not ask for consent when collecting identifiable info
has policy and uses implicit consent when collecting identifiable info
has policy and uses explicit consent when collecting identifiable info
The site that does not collect identifiable info should be treated the same as
the site that asks the user for explicit consent before collecting identifiable
info.
|
Assignee | |
Updated•24 years ago
|
Status: NEW → ASSIGNED
Target Milestone: --- → mozilla0.9.6
|
|
Assignee | |
Comment 1•24 years ago
|
||
|
|
Assignee | |
Comment 2•24 years ago
|
||
harishd, please review
cc'ing alecf for sr
|
|
||
Comment 3•24 years ago
|
||
Comment on attachment 53612 [details] [diff] [review]
patch to treat no-identifiable-info same as explicit-consent
I don't see where P3P_NoIdentInfo is coming in from...
Attachment #53612 -
Flags: superreview+
|
|
Assignee | |
Comment 4•24 years ago
|
||
Nowhere yet. That's covered by bug 104894.
|
|
||
Comment 5•24 years ago
|
||
sounds good then. sr=alecf (forgot to say that earlier, even though I added the
has-super-reviewer flag)
Out of curiosity why are the P3P_* flags even numbers? the (2,4,6,8) almost make
it look like they are bit flags, since 3 of those 4 are bit values.. I realize
they are all internal, but thought it was worth a comment.
|
|
Assignee | |
Comment 6•24 years ago
|
||
They were numbered that way for convenience. I need to distinguish first-party
sites from third-party ones. The full encoding is really
0: first-party site, no compact policy
1: third-party site, no compact policy
2: first-party site, does not ask for consent
3: first-party site, asks for consent
etc.
The compact policy does not indicate whether the site is first or third party
(it can't of course) so the parsing of the compact policy simply returns one of
the even numbers for the site's policy. I then check if the site is third-party
and, if so, add 1 to the value that I obtained.
|
|
Assignee | |
Comment 7•24 years ago
|
||
Let's try that above comment again and see if I can get it right this time. The
chart that I meant to post is:
0: first-party site, no compact policy
1: third-party site, no compact policy
2: first-party site, does not ask for consent
3: third-party site, does not ask for consent
etc.
Attachment #53612 -
Flags: review+
|
|
Assignee | |
Comment 8•24 years ago
|
||
Fix checked in.
Status: ASSIGNED → RESOLVED
Closed: 24 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•