Ask every time cookies Disappeared

VERIFIED WONTFIX

Status

()

VERIFIED WONTFIX
3 years ago
2 years ago

People

(Reporter: bugzilla, Unassigned)

Tracking

(6 keywords)

44 Branch
dataloss, privacy, regression, ux-control, ux-trust, ux-userfeedback
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

3 years ago
User Agent: Mozilla/5.0 (Windows NT 5.1; rv:43.0) Gecko/20100101 Firefox/43.0
Build ID: 20160105164030

Steps to reproduce:

Using Cookies Exceptions Main feature :
>Options>Privacy>History>Use custom settings for History>Accept cookies from sites>Keep until: Ask me every time DISAPPEARED


Actual results:

Cannot handle Cookies policy site by site
>> BIG REGRESSION


Expected results:

When going on a new site, i should have been requested by FF to approve Cookies policy for this new site, using Remember feature (check box).
(Reporter)

Updated

3 years ago
Component: Untriaged → Preferences
Keywords: regression
OS: Unspecified → All
Priority: -- → P1
Hardware: Unspecified → All
(Reporter)

Updated

3 years ago
Keywords: privacy, reproducible, ux-control, ux-trust, ux-userfeedback
(Reporter)

Comment 1

3 years ago
Ask every time cookies Feature is a main feature of Firefox.

And the main reason why i am using Firefox since about 15 years from now.

Because of PRIVACY.

I hope you will handle this Big Regression in 44.0 as soon as possible.

Comment 2

3 years ago
This is expected in Bug 606655.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 3 years ago
Keywords: regression, reproducible, ux-trust, ux-userfeedback
Priority: P1 → --
Resolution: --- → WONTFIX

Comment 3

3 years ago
(In reply to kokoro from comment #0)
> User Agent: Mozilla/5.0 (Windows NT 5.1; rv:43.0) Gecko/20100101 Firefox/43.0
> Build ID: 20160105164030

kokoro, I understand that the cookie confirmation dialog was removed in Firefox 44.0, and not yet in Firefox 43.0. (— This is the needinfo part.)
(Reporter)

Comment 4

3 years ago
Hi,

@Mart Rootamm : Yes, you are right !! :)

@YF (Yang) : Bug 606655 is totally Wrong. And it was not handle during 5 years from creation in 2011. This one should have been invalidated since the very beginning.


Best Regards,
(Reporter)

Comment 5

3 years ago
Hi,

@YF (Yang) : Bug 606655 is totally Wrong. And it was not handle during 5 years from creation in 2011. So you may understand why nobody handled it during 5 years ! This one should have been invalidated since the very beginning indeed.


Best Regards,
Status: RESOLVED → UNCONFIRMED
Resolution: WONTFIX → ---

Comment 6

3 years ago
As reported in Comment 44 in Bug 606655, there is also loss of user data involved after upgrading:
https://bugzilla.mozilla.org/show_bug.cgi?id=606655#c44

I can't upgrade to desktop Firefox 44.0, because the cookie confirmation dialog is not there anymore, and I would lose all the cookie permission data after upgrading.

Moving to SeaMonkey is apparently not an option either, because the same functionality was removed from there, too.

The solution would be to reintroduce the cookie confirmation dialog, with a reworked UI and some safeguards against cookie bombs. These are sites that throw hundreds of cookies with cookie confirmation dialogs (from the same domain) to users when a cookie hasn't been confirmed yet.

Until then, users can stay on desktop Firefox 43.0.4 and not upgrade, or stay on 38.6.xESR (Extended Support Release), and thereafter block Firefox 45 ESR.
(Reporter)

Comment 7

3 years ago
Dears,

In fact, you are right: the workaround to bypass cookies bombs sites is to disconnect internet access, then perform remember cookie policy (closing all redundant cookies popups), then reconnect to internet.

As far as i remember, a long time ago, the policy from FF (around release 3 or 4) was to open only one ask cookie policy popup, then once answered, it displayed next one, on and on. But with sites with several cookies at once, and the introduction of multi-tabs features, at that time, FF did load all tabs, even if not opened. 

So, in order to easy browsing, FF introduced the display of all cookies. And indeed, at startup, the navigation was a lot easier. However, A bug appeared at this time, and never resolved, or maybe raised, that even if "remember" box was checked for one site, all the remaining popup that were displayed before remember choice, were still displayed, however they should have been "cleaned" and closed.

For the one part i may suppose, FF introduced maybe a limitation (to 77?) in order to avoid to many cookies popups, and crash somehow the application because of cookies bomb sites ?


So, for the part of Now:
Only pinned tabs are loaded at startup (since many releases you will agree), maybe you can reintroduce the previous behavior, that is to display one after the other the "cookies ask" popup ?

The main advantage of doing like this, is that if user check "remember" box, all the next cookies popups will not be displayed, because of policy confirmed.


Thank you Mart, 43.0.4 for safety :)
But i hope somebody will handle this issue.

By the way, as Yang putted the status up to Unconfirmed, do you know if someone from the team may put it back to New or Assigned, please? Or shall i raise a new Fault Report ?


Beat Regards,
(Reporter)

Updated

3 years ago
Keywords: dataloss, regression, ux-trust, ux-userfeedback

Comment 8

3 years ago
(In reply to kokoro from comment #7)
> By the way, as Yang putted the status up to Unconfirmed, do you know if
> someone from the team may put it back to New or Assigned, please? Or shall i
> raise a new Fault Report ?

It's possible, that the cookie bomb bug might already have been reported, but I havan't made any specific searches regarding that. Before filing a new bug, do search for this issue first.

This bug is not specifically about cookie bombs, but about reintroducing the cookie confirmation dialog; in doing so by reworking the UI, the cookie bomb issue might get resolved as well.

kokoro, I don't have the kind of permission level to change the status of bugs.

wrt this bug, I should also point out Comment 35 at Bug 1235199:
https://bugzilla.mozilla.org/show_bug.cgi?id=1235199#c35
(Reporter)

Updated

3 years ago
Blocks: 1235199
(Reporter)

Updated

3 years ago
Blocks: 606655
(In reply to Mart Rootamm from comment #8)
> This bug is not specifically about cookie bombs, but about reintroducing the
> cookie confirmation dialog;

not going to happen, sorry. There's a discussion in the firefox-dev mailing list you can follow and participate to. Please understand this is a bug tracker, not a discussion forum.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 3 years ago3 years ago
Resolution: --- → WONTFIX

Updated

3 years ago
Status: RESOLVED → VERIFIED
Comment hidden (advocacy)
Please don't go against the bugzilla rules, we don't want to pass that edge.

https://bugzilla.mozilla.org/page.cgi?id=etiquette.html
2. No whining about decisions. If a respected project contributor has marked a bug as INVALID, then it is invalid. Someone filing another duplicate of it does not change this. Unless you have further important evidence, do not post a comment arguing that an INVALID or WONTFIX bug should be reopened. 

there is a discussion in a mailing list that the whole team reads, participate there and stop trying to hijack the bug tracker we use to work.
Status: REOPENED → RESOLVED
Last Resolved: 3 years ago3 years ago
Resolution: --- → WONTFIX

Updated

3 years ago
Status: RESOLVED → VERIFIED
This wasn't whining. You broke a feature in comm-central suite without prior notice and many users and devs just want it back. Last statement here. I am done.

Updated

2 years ago
Duplicate of this bug: 1273542

Updated

2 years ago
Duplicate of this bug: 1285583

Comment 15

2 years ago
Relevant mailing list thread:

  https://mail.mozilla.org/pipermail/firefox-dev/2016-February/003890.html

Has an add-on been developed in the meantime which restores the old functionality?

Updated

2 years ago
Duplicate of this bug: 1329509

Updated

2 years ago
Duplicate of this bug: 1333198

Comment 18

2 years ago
None (no existing add-on I have tried provides this functionality) and I respect the decisions of developers.

I have a suggestion: How about exporting the associated code to an add-on? Is that even possible?
You need to log in before you can comment on or make changes to this bug.