Per-Site Third-Party Cookie Setting

Feature	Status	Release Target	Dev Lead	QA Lead	QA Status
Per-Site Third-Party Cookie Setting	Landed	Firefox 18	Monica Chew	Ioana Budnar	Signed Off

Summary

Allow users to control third-party cookie setting on a per-site basis. This way users can more granularly manage trust for sites that cookie them.
The 3rd party per-site rules should be checked for and applied as an override to any global settings:
- 3rd Party Cookie Global DENY & foo.com 3rd party cookie ALLOW
  - A page at bar.com gets/sets baz.com 3rd party cookie: DENY
  - A page at foo.com gets/sets baz.com 3rd party cookie: ALLOW
- 3rd Party Cookie Global ALLOW & foo.com 3rd party cookie DENY
  - A page at foo.com gets/sets baz.com 3rd party cookie: DENY
  - A page at bar.com gets/sets baz.com 3rd party cookie: ALLOW

The user creates different mixes of privacy settings configurations regarding cookies. E.g.:
- The user disables sending a certain website cookies in a third party context, but doesn't give up that functionality for the entire web.
- The user allows third party cookie-sending for a certain website, but not for other websites.
- The user allows third party cookies for certain websites, only first party cookies for other websites, and no cookies for the rest of the websites.
- etc

The manual test cases for this feature can be viewed here.
- They are also present in MozTrap, in the Per-site Third-party Cookie Setting test suite.
Automated tests
- Functional tests
- UI test

Implementation bugs:
- VERIFIED 770705 - Update about:permissions to allow editing per site 3rd party cookie prefs
- RESOLVED 770691 - Update nsCookiePermission to enable 'per site' 3rd party cookie blocking
- NEW 564877 - Accept cookies from site X but do not transmit them as third-party cookies
- NEW 796113 - The meaning of "Allow First Party Only" is unclear

This is not cookie double-keying.
This does not dictate default behavior (e.g. changing the default to turn off all third party cookies).