On 10/09/2009 06:17 PM, D. K. Kraft wrote:
> From a security standpoint, and IMO, cookie management in SM 2.0RC1
> has been markedly downgraded from the level available in 1.1.18.  In
> the latter, a user is able to set options for both first- and
> third-party cookies, as well as specifics regarding website privacy
> policies for both types of cookies. SM 2.0RC1 completely removes the
> the ability to configure cookie management based on privacy options,
> leaving a user with only the option of allowing all cookies, which is
> unacceptable for those who wish to reject third-party cookies, or
> only allowing cookies from the originating website, a blanket option
> that is often too severe a restriction on some websites for which
> allowing session third-party cookies of certain types is helpful and
> acceptable.

Perhaps you are referring to the missing 'Allow cookies based on privacy
settings' that was available in 1.1.x?

No idea why it was removed, but seems consistent with the Firefox 3.x UI
and code.

> I realize the move to the new backend for 2.0 has necessitated many
> alterations, but I fail to see the benefit in removing a robust
> security option from the browser.  Surely this option was not limited
> to the backend of 1.1.18; most of the options available in 2.0's UI
> are either identical to 1.1.18 or so similar as to be nearly
> identical.  I'm baffled as to why this option was removed or not 
> ported over to 2.0.  From my POV, SM 2.0 will be unusable (as is
> Firefox, IMO and for the same reason) without the restoration of
> cookie management as it stands in SM 1.1.18.
> I've searched Bugzilla, but have been unable to find a specific bug
> regarding this UI option.  If anyone can point me in the right
> direction, I would appreciate it, since I would like to vote and add
> my comments regarding this security setting.

Nor could I using
So file a bug & see what turns up.

> TIA for any replies --

support-seamonkey mailing list

Reply via email to