If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Tracking bug to treat "localStorage cookies" the same way as http cookies

NEW
Unassigned

Status

()

Core
DOM
7 years ago
3 days ago

People

(Reporter: mayhemer, Unassigned)

Tracking

(Depends on: 3 bugs, Blocks: 1 bug, {privacy})

Trunk
privacy
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

7 years ago
localStorage (and generally any DOMStorage we currently have) can be used to store values that are actually very similar by behavior and exploitation to http cookies.

On several places we are missing a way to track these localStorage cookie values and delete them along with http cookies in some cases.

This bug tracks these issue.


One important distinction:  a web site (specified by an URL) can behave as an 'offline web application'.  This happens after a page presents it self like that AND user gives that site the 'offline web application' permission to act like that.  For sites with this permission localStorage values are no longer considered "localStorage cookies" and therefor for those this bug doesn't apply.  This is fixed since Gecko 1.9.2, if I have a correct track here, for sure in the up-to-date Gecko version.
(Reporter)

Updated

7 years ago
Depends on: 580059

Updated

5 years ago
Blocks: 812863
You need to log in before you can comment on or make changes to this bug.