Security/Cookie Preferences

011.04.19 Cookie Preferences Security Discussion

Bugs: 646095 - Move/clarify cookie storage preferences

Background:

  • Add more prefs for how we deal with cookies; current cookie prefs are somewhat misleading
  • Be clear about the different types of cookies and whether you want to accept them or not
  • current "ask always" pref is unusable, possibly a better choice for an add-on
  • cookie sandboxing is _not_ in scope for this particular run, possible future scope

Security concerns:

  • What is appropriate level of granularity, what do these switches do?
    • What are the trade-offs? Not all cookies are bad, is there a "horse trade" here?
  • How do we help users make the right choices?
  • Is there a bridge between online and offline tracking with regard to cookies? e.g. a history manager type of experience

Thoughts / Responses

  • Too many cookies to manage manually
    (disputed: not for the kind of people who manage w/NoScript or similar)
  • Pref for "ask me every time" is considered unusable
  • Cookie settings / prefs are hard to find in older UI, this moves this to a more usable location

Security Wants:

  • private browsing, DNT, cookies, 3rd party cookies = how can we get these things to work together for better user choice on security

Outcomes:

  • This bug and work are fine as is for the time being

AI: Curtis will arrange a future discussion among the private browsing, DNT, cookie and security people to have a larger discussion about future goals