Git-Mirrors/firefox-user.js
1
0
Fork 0
mirror of https://github.com/arkenfox/user.js.git synced 2024-06-26 14:32:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

2706->2702 merge: 3rd party cookies + sessionOnly

Browse Source
This commit is contained in:
Thorin-Oakenpants 2018-01-18 20:26:49 +13:00 committed by GitHub
parent 6becf50fe6
commit 91c8da5f12
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
user.js
View File

@ -1418,10 +1418,14 @@ user_pref("_user.js.parrot", "2700 syntax error: the parrot's joined the bleedin
* [NOTE] This also controls access to 3rd party Web Storage, IndexedDB, Cache API and Service Worker Cache
* [1] https://www.fxsitecompat.com/en-CA/docs/2015/web-storage-indexeddb-cache-api-now-obey-third-party-cookies-preference/ ***/
user_pref("network.cookie.cookieBehavior", 2);
/* 2702: set third-party cookies (if enabled, see above pref) to session-only
/* 2702: set third-party cookies (i.e ALL) (if enabled, see above pref) to session-only
and (FF58+) set third-party non-secure (i.e HTTP) cookies to session-only
[NOTE] .sessionOnly overrides .nonsecureSessionOnly except when .sessionOnly=false and
.nonsecureSessionOnly=true. This allows you to keep HTTPS cookies, but session-only HTTP ones
* [1] https://feeding.cloud.geek.nz/posts/tweaking-cookies-for-privacy-in-firefox/
* [2] http://kb.mozillazine.org/Network.cookie.thirdparty.sessionOnly ***/
user_pref("network.cookie.thirdparty.sessionOnly", true);
user_pref("network.cookie.thirdparty.nonsecureSessionOnly", true); // (FF58+)
/* 2703: set cookie lifetime policy
* 0=until they expire (default), 2=until you close Firefox, 3=for n days (see next pref)
* [SETTING-56+] Options>Privacy & Security>History>Custom Settings>Accept cookies from sites>Keep until
@ -1432,9 +1436,6 @@ user_pref("network.cookie.thirdparty.sessionOnly", true);
/* 2705: disable HTTP sites setting cookies with the "secure" directive (default: true) (FF52+)
* [1] https://developer.mozilla.org/Firefox/Releases/52#HTTP ***/
user_pref("network.cookie.leave-secure-alone", true);
/* 2706: set third party non-secure (i.e HTTP) cookies as session only (FF58+)
* [1] https://bugzilla.mozilla.org/show_bug.cgi?id=1160368 ***/
user_pref("network.cookie.thirdparty.nonsecureSessionOnly", true);
/* 2710: disable DOM (Document Object Model) Storage
* [WARNING] This will break a LOT of sites' functionality.
* You are better off using an extension for more granular control ***/