Open
Bug 1383534
Opened 7 years ago
Updated 2 years ago
Identity UI only shows permissions for the exact host
Categories
(Firefox :: Site Permissions, defect, P3)
Tracking
()
NEW
People
(Reporter: krinkodot22, Unassigned)
References
Details
When the cookie exceptions tool, it's possible to accept/block cookies from entire domains. But, if cookies are accepted from a site because of a rule to accept cookies from its parent domain, the Site Identity button doesn't indicate that there is a permission to accept cookies (there is no dot on the "i", and the "Permissions" section does not show "Set Cookies"). However, cookies really do get accepted, and the "Permissions" section of the "Page Info" window correctly shows that cookies are accepted (and not using the default rule for accepting cookies).
Steps to reproduce:
1. Go to Preferences->Privacy->History (Use custom settings for history)->Accept cookies from sites->Exceptions, and allow cookies for "https://wikipedia.org".
2. Visit https://en.wikipedia.org.
3. (Optional) Open the Developer Tools view and show the Storage tab. It will show that cookies from .wikipedia.org and en.wikipedia.org have been stored.
Expected results:
The Site Identity icon should have a dot, and clicking it should include "Set Cookies" as a permission.
Actual results:
Clicking the Site Identity icon does not show "Set Cookies" as a permission, and if no other permissions have been set for https://en.wikipedia.org, then the Site Identity icon will not appear with a dot to indicate that custom permissions have been set.
Comment 1•7 years ago
|
||
There's a hidden bug for this already (it's not very security sensitive, it was related to a long resolved bug that was indeed very security sensitive). I'll just dupe that one for this public bug. We should probably solve this eventually, though I guess it needs some kind of UI like the one I'm still working on in bug 1224453.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Flags: qe-verify+
Priority: -- → P3
Summary: Site Identity button & panel doesn't indicate if cookies are accepted from a parent domain → Identity UI only shows permissions for the exact host
Updated•5 years ago
|
Component: Site Identity → Site Permissions
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•