Privacy/Features/Per-Site Third-Party Cookie Setting/TestPlan
From MozillaWiki
Contents
Per-Site Third-Party Cookie Setting
Feature | Status | Release Target | Dev Lead | QA Lead | QA Status |
Per-Site Third-Party Cookie Setting | Landed | Firefox 18 | Monica Chew | Ioana Budnar | Signed Off |
Summary
- Allow users to control third-party cookie setting on a per-site basis. This way users can more granularly manage trust for sites that cookie them.
- The 3rd party per-site rules should be checked for and applied as an override to any global settings:
- 3rd Party Cookie Global DENY & foo.com 3rd party cookie ALLOW
- A page at bar.com gets/sets baz.com 3rd party cookie: DENY
- A page at foo.com gets/sets baz.com 3rd party cookie: ALLOW
- 3rd Party Cookie Global ALLOW & foo.com 3rd party cookie DENY
- A page at foo.com gets/sets baz.com 3rd party cookie: DENY
- A page at bar.com gets/sets baz.com 3rd party cookie: ALLOW
- 3rd Party Cookie Global DENY & foo.com 3rd party cookie ALLOW
References
Use Cases
- The user creates different mixes of privacy settings configurations regarding cookies. E.g.:
- The user disables sending a certain website cookies in a third party context, but doesn't give up that functionality for the entire web.
- The user allows third party cookie-sending for a certain website, but not for other websites.
- The user allows third party cookies for certain websites, only first party cookies for other websites, and no cookies for the rest of the websites.
- etc
Test Cases
- The manual test cases for this feature can be viewed here.
- They are also present in MozTrap, in the Per-site Third-party Cookie Setting test suite.
- Automated tests
Bugs
- Implementation bugs:
- VERIFIED 770705 - Update about:permissions to allow editing per site 3rd party cookie prefs
- RESOLVED 770691 - Update nsCookiePermission to enable 'per site' 3rd party cookie blocking
- NEW 564877 - Accept cookies from site X but do not transmit them as third-party cookies
- NEW 796113 - The meaning of "Allow First Party Only" is unclear
Non-goals
- This is not cookie double-keying.
- This does not dictate default behavior (e.g. changing the default to turn off all third party cookies).
Sign off
- Criteria
- All the test cases were executed.
- All the blocker, critical, major bugs have been fixed.
- Sign offs
- Firefox 18 Aurora - 2012-11-12
- Firefox 18 beta 1 - 2012-11-23