Closed Bug 1753586 Opened 3 years ago Closed 3 years ago

Fix navigator.cookieEnabled for dFPI

Categories

(Core :: Privacy: Anti-Tracking, defect, P2)

Product:
Core
Component:
Privacy: Anti-Tracking
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
99 Branch
Tracking Flags:
Tracking Status
firefox99 --- fixed

People

(Reporter: timhuang, Assigned: timhuang)

References

Details

(Whiteboard: [FXATPS-dFPI-Mochitests])

Attachments

(1 file)

Bug 1753586 - Navigator.cookieEnabled should return true when cookie is partitioned. r?smaug!,#anti-tracking-reviewers!
48 bytes, text/x-phabricator-request
Details | Review

Currently, navigator.cookieEnabled will return false in third-party contexts when dFPI is enabled. This behavior is incorrect because the cookie is still available in third-party contexts.

Also, we should still return true even the iframe is sandboxed given that the cookie is not disabled but throw a security error according to the WPT test.

We need to fix this in order to make the WPT cookie-enabled-noncookie-frame.html passing.

We change to return true for 'navigator.cookieEnabled' when the cookie
is partitioned. It did return false because the storage access is not
allowed in this case. But, acutally, we should return true because the
cookie is available.

Also, we should still return true in the case where accessing cookies
gets a security error, e.g. a sandboxed iframe. This behavior matches to
the spec.

Pushed by tihuang@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/90571f6d8521 Navigator.cookieEnabled should return true when cookie is partitioned. r=smaug,anti-tracking-reviewers,pbz

https://hg.mozilla.org/mozilla-central/rev/90571f6d8521

Status: ASSIGNED → RESOLVED
Closed: 3 years ago
status-firefox99: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 99 Branch
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: