Open
Bug 1112895
Opened 10 years ago
Updated 2 years ago
Design and implement EME equivalent of "Privacy -> Show Cookies" UI to enumerate and remove origins' EME/DRM license information
Categories
(Firefox :: Settings UI, defect)
Firefox
Settings UI
Tracking
()
NEW
People
(Reporter: cpeterson, Unassigned)
References
(Blocks 1 open bug)
Details
merwin says this UI is not an EME ship blocker.
|
||
Comment 1•10 years ago
|
||
What's the intended usecase(s)? I am little dubious about the value of this UI. The only general use I can think of is to help surface the fact that such data exists (but the actual data itself seems unlikely to be useful). We're already lacking in this department (eg localstorage, indexdb, site permissions), so if we do anything here it might be more useful to do it as a more general "site-specific settings" UI. (Perhaps vaguely akin to about:permissions, but that's deprecated.)
|
Reporter | |
Comment 2•10 years ago
|
||
(In reply to Justin Dolske [:Dolske] from comment #1) > What's the intended usecase(s)? > > I am little dubious about the value of this UI. The only general use I can > think of is to help surface the fact that such data exists (but the actual > data itself seems unlikely to be useful). Yes, the use case is pretty much to see which origins have deposited "DRM cookies" and to delete them. The actual data is not useful; these are literally random numbers (SHA-256 hashes of machine-unique identifiers and a random salt value).
|
||
Comment 3•10 years ago
|
||
(In reply to Chris Peterson [:cpeterson] from comment #2) > (In reply to Justin Dolske [:Dolske] from comment #1) > > What's the intended usecase(s)? > > > > I am little dubious about the value of this UI. The only general use I can > > think of is to help surface the fact that such data exists (but the actual > > data itself seems unlikely to be useful). > > Yes, the use case is pretty much to see which origins have deposited "DRM > cookies" and to delete them. The actual data is not useful; these are > literally random numbers (SHA-256 hashes of machine-unique identifiers and a > random salt value). If we delete the salt values we should also delete the data stored for the origins to which the salt corresponds, as without the origin -> salt mapping (that we just deleted) the stored data is no longer accessible, and will leak on disk. Therefore, this bug should be "delete all data associated with DRM/EME", not just the salt values.
Summary: Design and implement EME equivalent of "Privacy -> Show Cookies" UI to enumerate and remove origins' EME salt values → Design and implement EME equivalent of "Privacy -> Show Cookies" UI to enumerate and remove origins' EME/DRM license information
|
||
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•