Open Bug 1509553 Opened 6 years ago Updated 2 years ago

In the network monitor, indicate somehow when cookies are ignored by Content Blocking

Categories

(DevTools :: Netmonitor, defect, P3)

Product:
DevTools
Component:
Netmonitor
Type:
defect

Tracking

(Not tracked)

People

(Reporter: ehsan.akhgari, Unassigned)

References

(Blocks 2 open bugs)

Details

Attachments

(1 file)

image.png
(deleted), image/png
Details
Right now the network monitor can show cookies that the browser may ignore when Content Blocking is turned on in a couple of places, such as the Headers view, and the Cookies view. These are basically the result of devtools looking at Set-Cookie headers and assuming the browser is going to accept anything it receives from the network, which is no longer true (it was never really true but with Content Blocking soon this will stop being true for all users). It would be nice to update network monitor somehow to show the reality here.

Tanks for the report Ehsan!

This could be done as part of our "Improve content blocking debugging flow" effort (bug 1484005)

Honza

Priority: -- → P3

Are there any platform API we could use to calculate the list of ignored cookies? (to be as close as possible to the reality)
Honza

Flags: needinfo?(ehsan)

SameSite should probably also be part of this, as it blocks cookies.

(In reply to Jan Honza Odvarko [:Honza] (always need-info? me) from comment #2)

Are there any platform API we could use to calculate the list of ignored cookies? (to be as close as possible to the reality)

We currently send the "cookie-rejected" observer notification ever time we decide to not accept a cookie (when reading/writing them). Is that enough for your needs? If not we can probably add something else that matches your needs...

Flags: needinfo?(ehsan)
Attached image image.png (deleted) —

I've tested the "cookie-rejected" notification with same-site cookies and created a simple test scenario

  1. Honza'a origin site that creates two cookies. One samesite=Strict and second samesite=Lax
    http://softwareishard.com/tests/network/blocked-cookies/my-site.php

  2. Third party site that loads an image from Honza's site
    http://odvarko.com/tests/network/blocked-cookies/third-party-site.php
    This site blocks the cookies when loading the image.

I was able to handle "cookie-rejected" event but, the subject is pointing to host URL object. The object is passed in here:
https://searchfox.org/mozilla-central/rev/9b4b41b95cbcda63f565bdc24411e15248f91d83/netwerk/cookie/nsCookieService.cpp#2218

How can I see what specific cookie is blocked from the event?

Honza

Flags: needinfo?(ehsan)

That information isn't currently exposed on this event. It is also not always meaningful, only when setting cookies. This same notification is dispatched when reading cookies, and there we may have one or more cookies stored in the cookie manager which are being denied, so there is no single name of the cookie being rejected to present alongside with this event.

Flags: needinfo?(ehsan)
Severity: normal → S3
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: