Privacy/Features/Per-Site Third-Party Cookie Setting: Difference between revisions
No edit summary |
No edit summary |
||
| Line 25: | Line 25: | ||
|Feature theme=Enable Control of Tracking and Third-Party Sharing | |Feature theme=Enable Control of Tracking and Third-Party Sharing | ||
|Feature roadmap=Privacy | |Feature roadmap=Privacy | ||
|Feature list=Platform | |Feature list=Platform | ||
|Feature engineering team=Privacy | |Feature engineering team=Privacy | ||
}} | }} | ||
{{FeatureTeamStatus}} | {{FeatureTeamStatus}} | ||
Revision as of 23:16, 1 February 2012
Status
| Per-Site Third-Party Cookie Setting | |
| Stage | Draft |
| Status | ` |
| Release target | ` |
| Health | OK |
| Status note | ` |
{{#set:Feature name=Per-Site Third-Party Cookie Setting
|Feature stage=Draft |Feature status=` |Feature version=` |Feature health=OK |Feature status note=` }}
Team
| Product manager | ` |
| Directly Responsible Individual | ` |
| Lead engineer | ` |
| Security lead | Curtis Koenig |
| Privacy lead | Sid Stamm |
| Localization lead | ` |
| Accessibility lead | ` |
| QA lead | ` |
| UX lead | ` |
| Product marketing lead | ` |
| Operations lead | ` |
| Additional members | ` |
{{#set:Feature product manager=`
|Feature feature manager=` |Feature lead engineer=` |Feature security lead=Curtis Koenig |Feature privacy lead=Sid Stamm |Feature localization lead=` |Feature accessibility lead=` |Feature qa lead=` |Feature ux lead=` |Feature product marketing lead=` |Feature operations lead=` |Feature additional members=` }}
Open issues/risks
`
Stage 1: Definition
1. Feature overview
It would be nice to allow users to control third-party cookie sending on a per-site basis. This way users can more granularly manage trust for sites that cookie them.
2. Users & use cases
- I trust the entire web by default, but distrust evilTrackingCompany.com (who shows ads on sites). I want to disable sending them cookies in a third party context, but not lose that functionality on the entire web.
- I don't like the idea of third party cookies, but want facebook connect to provide context when I visit sites. I would like to allow third party cookie-sending for facebook.com, but not for other web sites.
3. Dependencies
`
4. Requirements
- Plumbing for per-site third-party cookie preference. Right now we have a global preference, but not a way to dictate third-party behavior per site.
- User interface tweak so that these settings are available in about:permissions
- This must interact predictably with the global third-party cookie preference; if a user stores a site-specific preference for third-party cookies, any global preference for this is overridden. (Users can specify a global "allow" or "deny" by default, and then per-site state exceptions to that rule.)
Non-goals
- This is not cookie double-keying.
- This does not dictate default behavior (e.g., changing the default to turn off all third party cookies.
Stage 2: Design
5. Functional specification
`
6. User experience design
`
Stage 3: Planning
7. Implementation plan
`
8. Reviews
Security review
`
Privacy review
`
Localization review
`
Accessibility
`
Quality Assurance review
`
Operations review
`
Stage 4: Development
9. Implementation
This probably involves adding a constant to nsICookiePermission.idl to state whether or not third party cookies are allowed for the specified origin. Probably also involves tweaking nsCookieService.cpp to check for both the global and origin-specific third party cookie permissions (see line 3122 of that file).
Relevant: bug 564877 - allow cookies but do not transmit in third-party context. We could probably improve upon this to block setting in third-party context too (not deleting them, but just not modifying or reading from the origin's cookie jar in a third party context).
Stage 5: Release
10. Landing criteria
` {{#set:Feature open issues and risks=` |Feature overview=It would be nice to allow users to control third-party cookie sending on a per-site basis. This way users can more granularly manage trust for sites that cookie them. |Feature users and use cases=* I trust the entire web by default, but distrust evilTrackingCompany.com (who shows ads on sites). I want to disable sending them cookies in a third party context, but not lose that functionality on the entire web.
- I don't like the idea of third party cookies, but want facebook connect to provide context when I visit sites. I would like to allow third party cookie-sending for facebook.com, but not for other web sites.
|Feature dependencies=` |Feature requirements=# Plumbing for per-site third-party cookie preference. Right now we have a global preference, but not a way to dictate third-party behavior per site.
- User interface tweak so that these settings are available in about:permissions
- This must interact predictably with the global third-party cookie preference; if a user stores a site-specific preference for third-party cookies, any global preference for this is overridden. (Users can specify a global "allow" or "deny" by default, and then per-site state exceptions to that rule.)
|Feature non-goals=* This is not cookie double-keying.
- This does not dictate default behavior (e.g., changing the default to turn off all third party cookies.
|Feature functional spec=` |Feature ux design=` |Feature implementation plan=` |Feature security review=` |Feature privacy review=` |Feature localization review=` |Feature accessibility review=` |Feature qa review=` |Feature operations review=` |Feature implementation notes=This probably involves adding a constant to nsICookiePermission.idl to state whether or not third party cookies are allowed for the specified origin. Probably also involves tweaking nsCookieService.cpp to check for both the global and origin-specific third party cookie permissions (see line 3122 of that file).
Relevant: bug 564877 - allow cookies but do not transmit in third-party context. We could probably improve upon this to block setting in third-party context too (not deleting them, but just not modifying or reading from the origin's cookie jar in a third party context). |Feature landing criteria=` }}
Feature details
| Priority | P1 |
| Rank | 999 |
| Theme / Goal | Enable Control of Tracking and Third-Party Sharing |
| Roadmap | Privacy |
| Secondary roadmap | ` |
| Feature list | Platform |
| Project | ` |
| Engineering team | Privacy |
{{#set:Feature priority=P1
|Feature rank=999 |Feature theme=Enable Control of Tracking and Third-Party Sharing |Feature roadmap=Privacy |Feature secondary roadmap=` |Feature list=Platform |Feature project=` |Feature engineering team=Privacy }}
Team status notes
| status | notes | |
| Products | ` | ` |
| Engineering | ` | ` |
| Security | ` | ` |
| Privacy | ` | ` |
| Localization | ` | ` |
| Accessibility | ` | ` |
| Quality assurance | ` | ` |
| User experience | ` | ` |
| Product marketing | ` | ` |
| Operations | ` | ` |
{{#set:Feature products status=`
|Feature products notes=` |Feature engineering status=` |Feature engineering notes=` |Feature security status=` |Feature security health=` |Feature security notes=` |Feature privacy status=` |Feature privacy notes=` |Feature localization status=` |Feature localization notes=` |Feature accessibility status=` |Feature accessibility notes=` |Feature qa status=` |Feature qa notes=` |Feature ux status=` |Feature ux notes=` |Feature product marketing status=` |Feature product marketing notes=` |Feature operations status=` |Feature operations notes=` }}