user.js: FPI + some site exceptions broken [depending on settings]: FF69+ [1556212]

Thorin: read https://bugzilla.mozilla.org/show_bug.cgi?id=1556212

In 68 I blocked all cookies but maintained a list of domains to either allow cookies or allow as session only. This was achieved in the FF built-in preferences.

In my overrides I simply block all cookies via this pref: user_pref("network.cookie.cookieBehavior", 2);

Just updated to 69 and the per domain cookie permissions to either allow or per session seem to be broken. What I mean by this is the following:

68 behaviour: create a cookie permission to allow session only cookies for facebook.com. I am able to log in to facebook.

69 behaviour: same permission as the above but facebook now prompts me that I need to enable cookies. In the ‘i’ button to the left of the url bar and viewing the ‘cookies’ option to see what is being blocked and allowed, and I can see that although I have created a permission to allow session cookies for facebook FF is showing that the cookies are being blocked for fb where in 68 it would show as allowed.

For now I have reverted back to the user.js default in blocking all third party cookies.

Troubleshooting: Fresh nilla profile with no user.js. and set up the prefs manually to just block all cookies and set up a test permission to allow cookies. This worked as per 68 but as soon as I restored the user.js the cookie permissions were being ignored again.

Found this bugzilla which seems to suggest it’s linked to FPI. https://bugzilla.mozilla.org/show_bug.cgi?id=1556212

I will test (in a moment) whether disabling FPI resolves this issue

EDIT. FPI set to true seems to be the cause.

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Comments: 21 (12 by maintainers)

Most upvoted comments

Where I can download previous versions of FF for testing

Depending on the version, you’ll want to open them off-line and disable the app update

+2
Thorin-Oakenpants on Sep 20, 2019

Thanks for testing guys!

So I have hacked the sh** out of my permissions.sqlite file to get this working the way it used to pre FF69 (obviously took a backup first just in-case it bites me later down the track!).

I changed all my allow and allow for session rules as per this template directly in the sqlite file >> https://www.reddit.com^firstPartyDomain=reddit.com

What I found is that if I add the site exception via the UI exceptions panel and then open the sqlite file, the rule is added without ^firstPartyDomain=xyz.com for the type cookie. Interestingly for storageAccessAPI type the rule is added with ^firstPartyDomain=xyz.com. See below (rule added via exceptions panel UI)

Screen Shot 2019-09-04 at 11 18 45

Manually modifying the above cookie rule with the correct OA format is a workaround that seems to be working a treat (so far).

Alternatively, if I try to add the firstpartyDomain rule format directly in the exceptions panel, it appears in the list as per the below and fails to accept cookies for the desired rule I attempted to add.

Screen Shot 2019-09-04 at 11 31 32
+1
seanob86 on Sep 4, 2019

Not sure if this is what I should be looking for… But in the nilla profile I created in my example above (after setting the permissions after enabling FPI), I opened the permission.sqlite file and in the moz_perms table I can see the following entry https://www.reddit.com^firstPartyDomain=reddit.com

+1
seanob86 on Sep 3, 2019
Read more comments on GitHub
← user.js: FF76-77: 0709 disable_unc_paths can break extensions: see OP for solution [1634267 resolved 78]
user.js: FYI: don't use dFPI with FPI [1631676: resolved 78] →