Privacy/Features/Multiple Cookie Jars

From MozillaWiki
Jump to: navigation, search
Please use "Edit with form" above to edit this page.

Status

Multiple Cookie Jars
Stage Draft
Status `
Release target `
Health OK
Status note `

Team

Product manager Sid Stamm
Directly Responsible Individual Sid Stamm
Lead engineer `
Security lead `
Privacy lead Sid Stamm
Localization lead `
Accessibility lead `
QA lead `
UX lead `
Product marketing lead `
Operations lead `
Additional members `

Open issues/risks

`

Stage 1: Definition

1. Feature overview

For many parts of the browser, including add-ons, it would be nice to maintain a separate cookie store or cookie jar. Currently the cookie service only allows one place (and one set of all cookies for a domain) but some features would benefit from having a different "profile" of cookies depending on the context in which the HTTP requests go out.

2. Users & use cases

  1. Safe Browsing traffic uses a cookie to make sure quality of service is adequate and abuse of the system goes mitigated. There's no reason cookies for the Safe Browsing service to be shared with those used by general traffic to Google properties (e.g., log into gmail). The Safe Browsing service could still operate properly if its cookies were separate from the rest of the user's http cookies, and the isolation of identification tokens would increase our users' control over HTTP-borne identifiers.

3. Dependencies

`

4. Requirements

  • Backwards compatible: things assuming one cookie jar must still operate without code change.
  • Arbitrary jarring: add-ons should be able to construct and use their own cookie jar.

Non-goals

`

Stage 2: Design

5. Functional specification

`

6. User experience design

We should revamp the Cookie UI to present multiple jars (if they're deployed) or change the delete-individual-cookies UI to make it clear which jar each cookie is in.

Stage 3: Planning

7. Implementation plan

`

8. Reviews

Security review

`

Privacy review

`

Localization review

`

Accessibility

`

Quality Assurance review

`

Operations review

`

Stage 4: Development

9. Implementation

`

Stage 5: Release

10. Landing criteria

`


Feature details

Priority P1
Rank 2
Theme / Goal Contextual Identity
Roadmap Privacy
Secondary roadmap Platform
Feature list `
Project `
Engineering team Privacy

Team status notes

  status notes
Products ` `
Engineering ` `
Security ` `
Privacy ` `
Localization ` `
Accessibility ` `
Quality assurance ` `
User experience ` `
Product marketing ` `
Operations ` `