Open Bug 1174797 Opened 6 years ago Updated 2 months ago

Add a cookie exception for GMail OAuth

Categories

(MailNews Core :: Networking: IMAP, defect)

Unspecified
All
defect
Not set
normal

Tracking

(thunderbird_esr38+ affected)

Tracking Status
thunderbird_esr38 + affected

People

(Reporter: rkent, Unassigned)

References

()

Details

(Keywords: ux-error-prevention)

I think you want tracking esr
Context: if you disabled cookies, trying to do OAuth2 authentication for gmail will show a "Oops! Your browser seems to have cookies disabled. Make sure cookies are enabled or try opening a new browser window. [?] " message in the OAuth dialog. 

I'm not so sure it's ok to add it silently though, as that lets google track you elsewhere (to a limited extent) - which is probably one of the reasons you disabled cookies in the first place.
(In reply to Magnus Melin from comment #3)
> Context: if you disabled cookies, trying to do OAuth2 authentication for
> gmail will show a "Oops! Your browser seems to have cookies disabled. Make
> sure cookies are enabled or try opening a new browser window. [?] " message
> in the OAuth dialog. 

Also, even if cookies are enabled, if you have two different google oauth accounts, there may be conflicts (at least this has happened for twitter). For twitter, the cookies are removed once oauth is complete, cf. https://dxr.mozilla.org/comm-central/source/chat/protocols/twitter/twitter.js#866.

> I'm not so sure it's ok to add it silently though, as that lets google track
> you elsewhere (to a limited extent) - which is probably one of the reasons
> you disabled cookies in the first place.

Cleaning up the cookies on completion would also help with that issue.
i would prefer sticking to imap only or making oauth opt-in. i have disabled google 2-factor-authentication for a reason. Adding a cookie exception for gmail seems to be violating privacy by design principles.

How about we offer to enable the cookies for gmail instead of just telling the user they need to. That meets both requirements for user choice and good user experience.

See Also: → 1678722
Duplicate of this bug: 1643021
OS: Unspecified → All
See Also: → 1576799, 1310389
Duplicate of this bug: 1687247
See Also: → 1591782
Duplicate of this bug: 1671809
Duplicate of this bug: 1678722
You need to log in before you can comment on or make changes to this bug.