1285583 - new versions of firefox have removed the "ask every time" option from cookie management.

Status: RESOLVED DUPLICATE of bug 1249151

(Firefox :: Untriaged, defect)

Description

[weif]

User Agent: Opera/9.80 (X11; FreeBSD 10.0-RELEASE-p12 i386) Presto/2.12.388 Version/12.16

Steps to reproduce:

upgrade Firefox to 44+


Actual results:

Firefox no longer prompts for accepting cookies, instead cookies are automatically accepted causing privacy and security problems.

The reasons listed in the "bug" to remove this very important functionality is bogus and unsupportable.

-It exposes far too much detail about the underlying implementation of the Web

Well, this is actually important to any even semi-professional web developer. You need to see what cookie is being set, when it is being set in the page load process, what information is in it, when it expires, what path it is relevant for, etc. Without this information, the best web development you can hope for is "amateur," and testing web site functionality is eliminated. This is absolutely a backwards reason for eliminating this incredibly important feature of any web browser.

This does not provide any unnecessary information about how the web works, any more than having to install a plugin to see some kinds of content does.

-It forces the user to make a ridiculous number of decisions before visiting a Web site.  For instance, amazon.com produces 8 dialog boxes, and ebay.com 15.

This is not a browser problem, this is a problem with poorly designed, improperly implemented, or just plain sloppy web sites. There is no excuse for the web site to do this, and it is not a browser issue, it is a web site issue. These sites should either be summarily blocked by users, or should receive feedback about the problems they are causing.

-Even informed users will not always have enough information to make an informed choice.

This is not a valid excuse. The cookie should provide enough information to allow a user to make an informed decision. Again, without the information provided by the site, this may be true, but this is a web site problem, not a web browser problem.

A more valid argument is that this should be the default setting on all web browsers, and changing it should be difficult. This would clean up a lot of sloppy development on a lot of web sites - especially big sites like Microsoft, Facebook, Google, Amazon, eBay, etc where sloppy cookie implementation is rampant.

Removing this highly important feature from Firefox is a huge security, privacy, and tracking problem. Even with FF set to not track and to block user tracking, and several privacy plugins installed, having cookies set to prompt showed that on many sites - possibly a MAJORITY of sites - major tracking services like Omniture and Google Analytics were still setting tracking cookies and tracking users. By removing this feature from Firefox, you have compromised the privacy and security of anybody using Firefox.


Expected results:

prompt for cookies, a very good, very important feature, should never have been removed from the product.