Closed Bug 262656 Opened 21 years ago Closed 21 years ago

Cookies from external sites allowed via javascript includes when 'for the originating website only' cookie preference is set

Categories

(Firefox :: Settings UI, defect)

Product:
Firefox
Component:
Settings UI
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 200716

People

(Reporter: gburt, Assigned: bugzilla)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20041001 Firefox/0.10.1 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; rv:1.7.3) Gecko/20041001 Firefox/0.10.1 When a user has the 'for the originating web site only' cookie preference true, external sites are still able to set new cookies via JavaScript includes from the original web site. I believe this is misleading to the user, and those cookies should not be allowed with this preference set. Reproducible: Always Steps to Reproduce: 1. Visit a web site that includes external scripts via <script src="http://other.site.com"> 2. Watch cookies get set (most easily by setting the 'ask me every time' cookie preference 3. Actual Results: Cookies from sites other than the site the user believes they are visiting are allowed to be set when the 'for the originating web site' cookie preference is set Expected Results: These cookies should not be allowed, or the preference should be changed so it doesn't mislead the user into thinking they will be.
*** This bug has been marked as a duplicate of 200716 ***
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
sorry for bugspam, long-overdue mass reassign of ancient QA contact bugs, filter on "beltznerLovesGoats" to get rid of this mass change
QA Contact: mconnor → preferences
You need to log in before you can comment on or make changes to this bug.