Raise cookies per basedomain limit to 150

RESOLVED FIXED

Status

()

Core
Networking: Cookies
RESOLVED FIXED
7 years ago
7 years ago

People

(Reporter: dwitte@gmail.com, Assigned: dwitte@gmail.com)

Tracking

unspecified
x86_64
Linux
Points:
---

Firefox Tracking Flags

(blocking2.0 betaN+, status1.9.2 .11-fixed)

Details

Attachments

(1 attachment)

(Assignee)

Description

7 years ago
We're starting to run into problems with the 50 limit being too low. The Chrome guys agree that we should raise it to 150.
(Assignee)

Comment 1

7 years ago
This should block 2.0, since it's a problem now, and we want behavior to be consistent between browsers.
blocking2.0: --- → ?
(Assignee)

Updated

7 years ago
Assignee: nobody → dwitte
(Assignee)

Comment 2

7 years ago
Created attachment 469266 [details] [diff] [review]
patch
Attachment #469266 - Flags: review?(sdwilsh)
We should consider landing this on the older branches as well if we're going to change it. If sites expand into the new limits that will start on a particular calendar date and extend into the future, not be based on what version the user happens to be running.
Only to versions that have the soft global limit though. When did that land?
(Assignee)

Comment 5

7 years ago
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/af278cec894d

7/20/09 on 1.9.2. Agree we should land there too.
(Assignee)

Comment 6

7 years ago
To be clear, for anyone reading along: the reason the limit is too low is that, when we changed the limit to mean "per base domain" instead of "per host", we caused trouble for sites that rely on being able to set a bunch of cookies on different subdomains. Like Google.

We still want the limit, but it's not as important now that we have our new purging algorithm -- we've prevented the kind of attack where a malicious site can log you out of everything; the worst you can do is cause the browser to take up a bunch of memory and disk.
Comment on attachment 469266 [details] [diff] [review]
patch

> // default limits for the cookie list. these can be tuned by the
> // network.cookie.maxNumber and network.cookie.maxPerHost prefs respectively.
Is this comment still correct?  We have four defaults here.

r=sdwilsh
Attachment #469266 - Flags: review?(sdwilsh) → review+
(Assignee)

Comment 8

7 years ago
Comment on attachment 469266 [details] [diff] [review]
patch

Looking for approval -- we want branch to be consistent with trunk here, so behavior is uniform.
Attachment #469266 - Flags: approval1.9.2.10?
(Assignee)

Comment 9

7 years ago
(In reply to comment #7)
> Is this comment still correct?  We have four defaults here.

Yeah, it's correct; I could mention the purgeAge pref too, though.

Updated

7 years ago
blocking2.0: ? → betaN+
(Assignee)

Comment 10

7 years ago
http://hg.mozilla.org/projects/electrolysis/rev/a02aee4f7197
(Assignee)

Comment 11

7 years ago
http://hg.mozilla.org/mozilla-central/rev/a02aee4f7197

Still need a branch landing here.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED

Updated

7 years ago
Attachment #469266 - Flags: approval1.9.2.11? → approval1.9.2.11+
(Assignee)

Comment 12

7 years ago
Landed on 1.9.2.

http://hg.mozilla.org/releases/mozilla-1.9.2/rev/d49e8022e892

Updated

7 years ago
status1.9.2: --- → .11-fixed
You need to log in before you can comment on or make changes to this bug.