1898424 - CookieRejectedPartitionedRequiresSecure error is confusing

Status: RESOLVED FIXED

(Core :: Privacy: Anti-Tracking, defect, P3)

Description

[Nicolas Chevobbe [:nchevobbe]]

1. With network.cookie.cookieBehavior.optInPartitioning set to true, and network.cookie.CHIPS.enabled set to false
2. On any tab, open DevTools Console
3. Evaluate document.cookie="foo=bar; Partitioned;"

The following error is printed in the console output: Cookie “foo” has been rejected because it has the “Partitioned” attribute but is missing the “secure” attribute.
But , if I evaluate document.cookie, I do see foo=bar in what's returned, and I can see the cookie in the storage panel, which seems at odd with the message that told me the cookie was "rejected" (i.e., in my mind, not created)

Here's where the message is emitted:

  // Ensure the partitioned cookie is set with the secure attribute.
  if (aCookieData.isPartitioned() && !aCookieData.isSecure()) {
    CookieLogging::LogMessageToConsole(
        aCRC, aHostURI, nsIScriptError::errorFlag, CONSOLE_REJECTION_CATEGORY,
        "CookieRejectedPartitionedRequiresSecure"_ns,
        AutoTArray<nsString, 1>{NS_ConvertUTF8toUTF16(aCookieData.name())});

    // We only drop the cookie if CHIPS is enabled.
    if (StaticPrefs::network_cookie_CHIPS_enabled()) {
      return newCookie;
    }
  }

It looks like the "rejection" message should only be emitted when CHIPS is enabled?

Comment 1

[Tim Huang[:timhuang]]

Attachment: Bug 1898424 - Only emit CookieRejectedPartitionedRequiresSecure console message if CHIPS is enabled. r?bvandersloot

Comment 2

[Pulsebot]

Pushed by tihuang@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/c2ace87db772
Only emit CookieRejectedPartitionedRequiresSecure console message if CHIPS is enabled. r=bvandersloot

Comment 3

[Norisz Fay [:noriszfay]]

https://hg.mozilla.org/mozilla-central/rev/c2ace87db772