Closed Bug 233623 Opened 22 years ago Closed 20 years ago

cookie manager -> block cookies from site - could also remove them

Categories

(Core :: Networking: Cookies, defect)

Product:
Core
Component:
Networking: Cookies
Platform:
x86
Windows NT
Type:
defect
Priority:
Not set
Severity:
minor

Tracking

()

Status:
RESOLVED DUPLICATE of bug 350577

People

(Reporter: bugzilla, Assigned: darin.moz)

Details

User-Agent: Build Identifier: Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.6b) Gecko/20031208 Hi After looking at 32979 and 112647 and using the browser for development - it would be very convienient if the Cookie manager deleted the cookies from the site when you choose block cookies from site - then you could "allow cookies" from site to effectivley clear the cookies from the current site this is a common requirement when testing server sessions or want the browser to reauthenticate. (I have to look at how Password Manger -> log out works) the cookie manager list is usually full of cookies from pron sites that i visit and finding a server or development machine can be confusing and sometimes embarassing ;-) Reproducible: Always Steps to Reproduce: 1. get a cookie 2. block cookies from site 3. Actual Results: cookie remains Expected Results: deleted the cookie
I don't think this is a good idea to do. You can remove the cookies from the same manager without much problem. But if we fix this, users that want to block a site, but keep cookies, can't do that anymore.
Summary: password manager -> block cookies from site - could also remove them → cookie manager -> block cookies from site - could also remove them
agreed. I've put a fair bit of thought into this from a UI perspective, and while I'm split on how it should behave, I don't think its necessary and it breaks the existing convention. If there wasn't a valid counter-argument for keeping it, I'd say go ahead. However, deleting stored data from an option that doesn't imply delete is a bad precedent. (And an optional dialog isn't a good idea either, users don't read dialogs.) If you want to do both at the same time, use the option to block cookies from deleted sites while deleting the cookies, it achieves the same thing but you are explicitly removing the cookies, instead of us forcing you into a specific usage scenario. If you're concerned with embarassment, maybe use one profile for a work and one for personal browsing? You can enable multiple profiles at once by using an environment variable of MOZ_NO_REMOTE=1 dwitte, I'm thinking WONTFIX, how about you?
Perhaps not WONTFIX but Future? A promising focus of Mozilla is to be the browser for tech professionals, like web coders and webmasters. I can see how this feature would be very useful those people. Blocking a site should not automatically remove cookies from that site, but I can see a clear use for "wiping the slate clean" for a single domain. Perhaps in the "Cookie Site" tab, a checkbox for "also remove cookies when removing sites"? This is sort of a sister feature to the checkbox we have in "Stored Cookies".
if we have this, are we going to allow "remove all cookies from this site" (separate bug) the checkbox could work too... I don't know whether I like it or not
I agree with Mike that a the block/delete combination is misleading however i disagree that a simple "delete cookies" yes/no dialog would be too inconvienient for the user Michiel - I agree we cant take away functionallity from the current cookie manager users/or introduce too many surprises. Benc - that checkbox on the site tab would be ok if it were "delete cookies when blocking a site" and was activated by the block/allow combination of the Tools Menu 1.my overview is the cookie manager lets you grab the cookie jar and apply some basic rules on the jar. you can empty the jar you can remove a cookie from the jar and presumably you can ban a site from adding to the jar the browser takes cookies from the jar for the site (a HTTP Request) 2.the questions are does the browser have unrestricted access to the jar ie. does banning a site prevent the existing cookies for that site being sent back? could banning a site be made to make a cookie "stale" ie. a cookie that is present but would never be taken from the jar (or overwritten because of a ban)? 3. recommendations i'm not a gui expert and have had basic experience with jfc. this check box on the manager page is confusing as hell guys - i think it starts with a negitive Dont - and immediatley im confused ;-) i suggest simply three or four buttons "remove","select all","block/ban site","select/remove stale" possibly with checkbox(s) "when banning a site remove his cookies." "when removing a cookie ban his site." it does makes a two step procedure for deleting all cookies, but hey life's a compromise. the select stale would refer to cookies whose sites are banned. - it should be clear that these will not be sent with a http request or received and overwritten (because of the ban). maybe they could be hilighted in the list or have the status set to stale. i would like a "delete this sites cookies" | "delete stale cookies" on the tools menu feature for logging out of a http session or the like. i would then block/delete stale/allow|default just as a afterthought maybe the in the future cookies may become quite an important part of user privacy security - and perhaps a tree structure of domain/path/cookie may useful for blocking/allowing cookies and permission settings future sure but wontfix keeps this issue a pain! Is there actually a related bug for blocking a site and removing his cookies? (Mike)
This is an automated message, with ID "auto-resolve01". This bug has had no comments for a long time. Statistically, we have found that bug reports that have not been confirmed by a second user after three months are highly unlikely to be the source of a fix to the code. While your input is very important to us, our resources are limited and so we are asking for your help in focussing our efforts. If you can still reproduce this problem in the latest version of the product (see below for how to obtain a copy) or, for feature requests, if it's not present in the latest version and you still believe we should implement it, please visit the URL of this bug (given at the top of this mail) and add a comment to that effect, giving more reproduction information if you have it. If it is not a problem any longer, you need take no action. If this bug is not changed in any way in the next two weeks, it will be automatically resolved. Thank you for your help in this matter. The latest beta releases can be obtained from: Firefox: http://www.mozilla.org/projects/firefox/ Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html Seamonkey: http://www.mozilla.org/projects/seamonkey/
This bug has been automatically resolved after a period of inactivity (see above comment). If anyone thinks this is incorrect, they should feel free to reopen it.
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → EXPIRED
Resolution: EXPIRED → DUPLICATE
You need to log in before you can comment on or make changes to this bug.