Privacy/Features/Per-Site Third-Party Cookie Setting/TestPlan

From MozillaWiki
Jump to: navigation, search

Per-Site Third-Party Cookie Setting

Feature Status Release Target Dev Lead QA Lead QA Status
Per-Site Third-Party Cookie Setting Landed Firefox 18 Monica Chew Ioana Budnar Signed Off

Summary

  • Allow users to control third-party cookie setting on a per-site basis. This way users can more granularly manage trust for sites that cookie them.
  • The 3rd party per-site rules should be checked for and applied as an override to any global settings:
    • 3rd Party Cookie Global DENY & foo.com 3rd party cookie ALLOW
      • A page at bar.com gets/sets baz.com 3rd party cookie: DENY
      • A page at foo.com gets/sets baz.com 3rd party cookie: ALLOW
    • 3rd Party Cookie Global ALLOW & foo.com 3rd party cookie DENY
      • A page at foo.com gets/sets baz.com 3rd party cookie: DENY
      • A page at bar.com gets/sets baz.com 3rd party cookie: ALLOW

References

Use Cases

  • The user creates different mixes of privacy settings configurations regarding cookies. E.g.:
    • The user disables sending a certain website cookies in a third party context, but doesn't give up that functionality for the entire web.
    • The user allows third party cookie-sending for a certain website, but not for other websites.
    • The user allows third party cookies for certain websites, only first party cookies for other websites, and no cookies for the rest of the websites.
    • etc

Test Cases

  • The manual test cases for this feature can be viewed here.
    • They are also present in MozTrap, in the Per-site Third-party Cookie Setting test suite.
  • Automated tests

Bugs

  • Implementation bugs:
    • VERIFIED 770705 - Update about:permissions to allow editing per site 3rd party cookie prefs
    • RESOLVED 770691 - Update nsCookiePermission to enable 'per site' 3rd party cookie blocking
    • NEW 564877 - Accept cookies from site X but do not transmit them as third-party cookies
    • NEW 796113 - The meaning of "Allow First Party Only" is unclear

Non-goals

  • This is not cookie double-keying.
  • This does not dictate default behavior (e.g. changing the default to turn off all third party cookies).

Sign off

Criteria
  • All the test cases were executed.
  • All the blocker, critical, major bugs have been fixed.
Sign offs
  • Firefox 18 Aurora - 2012-11-12
  • Firefox 18 beta 1 - 2012-11-23