Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(228)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 8051030: Changing third-party cookie blocking: strict by default. (Closed)

Created:
9 years, 2 months ago by Mike West
Modified:
9 years, 1 month ago
CC:
chromium-reviews, darin-cc_chromium.org, pam+watch_chromium.org, Paweł Hajdan Jr.
Visibility:
Public.

Description

Changing third-party cookie blocking: strict by default. The current behavior of third-party cookie blocking blocks setting third-party cookies, but not reading those that exist. A cookie set during a direct visit to `example.com` would be sent with requests to `example.com` in the future, even when `example.com` wasn't the first-party. The `kBlockReadingThirdPartyCookies` command-line flag changed this behavior to block all access to third-party cookies. This CL makes strict blocking the default behavior, removes the command-line flag, and changes the text of the preference UI checkbox. It might also be possible to remove the `BLOCK_SETTING_THIRD_PARTY_COOKIES` cookie policy entirely; I didn't see it used anywhere other than for this preference, but need to clarify that before dropping it as well. BUG=98241 TEST=unit_tests

Patch Set 1 #

Total comments: 2
Unified diffs Side-by-side diffs Delta from patch set Stats (+10 lines, -55 lines) Patch
M chrome/app/generated_resources.grd View 2 chunks +1 line, -7 lines 0 comments Download
M chrome/browser/about_flags.cc View 1 chunk +0 lines, -7 lines 0 comments Download
M chrome/browser/content_settings/host_content_settings_map.cc View 2 chunks +7 lines, -7 lines 2 comments Download
M chrome/browser/content_settings/host_content_settings_map_unittest.cc View 2 chunks +0 lines, -26 lines 0 comments Download
M chrome/common/chrome_switches.h View 1 chunk +0 lines, -1 line 0 comments Download
M chrome/common/chrome_switches.cc View 1 chunk +0 lines, -5 lines 0 comments Download
M webkit/tools/test_shell/simple_resource_loader_bridge.cc View 2 chunks +2 lines, -2 lines 0 comments Download

Messages

Total messages: 4 (0 generated)
Mike West
Hi Jochen, Bernhard: As discussed this morning, I think it's worthwhile to try this out ...
9 years, 2 months ago (2011-09-28 07:41:58 UTC) #1
Mike West
Aaaaand it looks like I misunderstood the conclusion of our conversation, Jochen. :) Ignore this ...
9 years, 2 months ago (2011-09-28 07:44:07 UTC) #2
jochen (gone - plz use gerrit)
I think it would be better to just make the flag on by default for ...
9 years, 2 months ago (2011-09-28 07:46:48 UTC) #3
Mike West
9 years, 2 months ago (2011-09-28 09:46:34 UTC) #4 
As discussed, I'll put this to the side for the moment in favor of forcing the
command-line switch on for a few Canary releases. That CL is
http://codereview.chromium.org/8060030/.

Thanks!

On 2011/09/28 07:46:48, jochen wrote:
> I think it would be better to just make the flag on by default for now,
instead
> of ripping out the whole code path.
> 
> In order to not mess with the UI too much, I also wouldn't change the strings
> for now
> 
>
http://codereview.chromium.org/8051030/diff/1/chrome/browser/content_settings...
> File chrome/browser/content_settings/host_content_settings_map.cc (right):
> 
>
http://codereview.chromium.org/8051030/diff/1/chrome/browser/content_settings...
> chrome/browser/content_settings/host_content_settings_map.cc:212:
> net::StaticCookiePolicy::BLOCK_ALL_THIRD_PARTY_COOKIES);
> I think it would be preferable to keep a pref so you can chose which behavior
> you want using an extension API
> 
>
http://codereview.chromium.org/8051030/diff/1/chrome/browser/content_settings...
> chrome/browser/content_settings/host_content_settings_map.cc:597:
> net::StaticCookiePolicy::BLOCK_ALL_THIRD_PARTY_COOKIES);
> we don't write this pref key, so it should never be
> BLOCK_ALL_THIRD_PARTY_COOKIES

Powered by Google App Engine
This is Rietveld 408576698