From a security standpoint, and IMO, cookie management in SM 2.0RC1 has been
markedly downgraded from the level available in 1.1.18.  In the latter, a user
is able to set options for both first- and third-party cookies, as well as
specifics regarding website privacy policies for both types of cookies.
SM 2.0RC1 completely removes the the ability to configure cookie management
based on privacy options, leaving a user with only the option of allowing all
cookies, which is unacceptable for those who wish to reject third-party cookies,
or only allowing cookies from the originating website, a blanket option that is
often too severe a restriction on some websites for which allowing session
third-party cookies of certain types is helpful and acceptable.

I realize the move to the new backend for 2.0 has necessitated many alterations,
but I fail to see the benefit in removing a robust security option from the
browser.  Surely this option was not limited to the backend of 1.1.18; most of
the options available in 2.0's UI are either identical to 1.1.18 or so similar
as to be nearly identical.  I'm baffled as to why this option was removed or not
ported over to 2.0.  From my POV, SM 2.0 will be unusable (as is Firefox, IMO
and for the same reason) without the restoration of cookie management as it
stands in SM 1.1.18.

I've searched Bugzilla, but have been unable to find a specific bug regarding
this UI option.  If anyone can point me in the right direction, I would
appreciate it, since I would like to vote and add my comments regarding this
security setting.

TIA for any replies --
     /\ /\                           | "No, Heaven will not ever Heaven be
     ^o o^    D.K. "Cat" Kraft       |  unless my cats are there to welcome
     ->T<-                           |  me."
       ~      Lynnwood, WA           |               -- Epitaph on a pet
___oOO___OOo___                      |                  cemetery gravestone
support-seamonkey mailing list

Reply via email to