🌐 Website Issue | Firefox about:config network.cookie.cookieBehavior #1704
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#1704
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Description
In the new versions of Firefox, there are five options to manage cookies. The website explains just three of them (number 0 to number 2).
The two other options are:
Screenshots
Do you have a source for 3? It seems to be wrong according to Mozilla developer documentation;
I don't know whatp3p settings are apparently for protocol obsolete for around 18 years, but I understand it to not apply to Firefox and 4 seems experimental and possibly shouldn't be recommended yet?CC: @Thorin-Oakenpants
In the browser's privacy preferences, there are four options. From the list, select "Cookies from unvisited websites" then go to network.cookie.cookieBehavior in the about:config and check the value. It's 3. (Checked on Firefox v73.0)
^^ these are the actual words used in the UI
I'm not (edit, left out the word not 🤦 ) sure how much you should trust that MDN page, even if it was last updated Feb 7th 2020. e.g
network.cookie.lifetimePolicy
values have changed (see next point)network.cookie.lifetime.days
is deprecated here's the proof - hence (see above values have changed)Up to you guys what you want to do: no-one is saying you have to list all the values, and value 3 is a waste of time IMO and will just confuse people. I wouldn't be surprised if it got removed and I can't see the point in such a setting TBH.
PS: this (cleaning up descriptions etc) is already slated as part of #1430 which is now been sitting waiting for some action for 3 and a half months - rather than ping me (edit: for things already on PTIO's webpage), how about getting #1430 under way .. just saying /sorry-for-being-grumpy :)
Hey there!
It true, the issue has been hanging around for a while, but its the next thing on my list to work on after im done writing our new COI and whistleblower policies :)!
heh. it's the default :)
For future reference, what is a source for documentation about these flags that can be trusted? 😕
^^ the source code
That's still the case in 81.0.1.
I think we might fix this by removing the recommendation. We could put a suggestion, there for option 1 (with a warning), but that's really going to be the only useful option, imho
note that since firefox 86, we can also set
network.cookie.cookieBehavior
to5
it would be great if we could get some some direction on whether it is better to set this setting to 5 or 1
If you have FPI enabled 1 is better (5 will be downgraded to 4 AFAIK).
If you don't use FPI 5 (TCP/dFPI) is better otherwise you would have no isolation.