SanitizeOnShutdown policy results in "Delete cookies" option being set, but not visibly locked
Categories
(Firefox :: Enterprise Policies, defect, P3)
Tracking
()
People
(Reporter: pascal.reintjens, Unassigned)
References
Details
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
Steps to reproduce:
- Created a policies.json file with the following contents:
{
"policies": {
"SanitizeOnShutdown": {
"Cache": true,
"Cookies": true,
"Downloads": true,
"FormData": true,
"Sessions": true,
"OfflineApps": true,
"Locked": true
}
}
}
- Subsequently, placed this file within the installation directory: C:\Program Files\Mozilla Firefox\distribution\policies.json
- restarted the browser and went to
Settings > Privacy & Security > Cookie and Site Data
- unchecked the toggle
Delete cookies and site data when Firefox is closed
- Restarted the Browser and went again to
Settings > Privacy & Security > Cookie and Site Data
Actual results:
Delete cookies and site data when Firefox is closed
on step 4 gets activated by the policy but is not grayed out. The user can deactivate the option but after restarting Firefox, the option is then activated again.
Expected results:
Delete cookies and site data when Firefox is closed
should be grayed out so that the user doesn't think he can change it when it is enforced by SanitizeOnShutdown.
Reporter | ||
Updated•7 months ago
|
Comment 1•7 months ago
|
||
The Bugbug bot thinks this bug should belong to the 'Toolkit::Data Sanitization' component, and is moving the bug to that component. Please correct in case you think the bot is wrong.
Reporter | ||
Comment 2•7 months ago
|
||
Shorter policies.json to reproduce:
{
"policies": {
"SanitizeOnShutdown": {
"Cache": true,
"Cookies": true,
"OfflineApps": true,
"Locked": true
}
}
}
Updated•6 months ago
|
Comment 3•6 months ago
|
||
Do we know if this wasn't a bug from before? It looks like the checkbox in question isn't controlled by a pref, but rather is set in privacy.js
https://searchfox.org/mozilla-central/source/browser/components/preferences/privacy.js#2097
This could mean that it isn't controlled by a pref, and is not affected by the locking policies. This seems unrelated to the new clear history dialog, but is a bug!
Updated•6 months ago
|
Updated•2 months ago
|
Comment 4•2 months ago
|
||
Hey Mike, could you help confirm if this issue is due to the checkbox not being directly controlled by a pref?
Updated•2 months ago
|
Comment 5•2 months ago
|
||
Yes, this is definitely going to be related to that.
If something isn't a pref, it doesn't get automatic disabling, so we would need code that would check .locked on the preference.
Description
•