Bug 1651120 - Add cookie sameSite schemeful as an experimental feature, r=Gijs,fluent-reviewers
authorAndrea Marchesini <amarchesini@mozilla.com>
Thu, 09 Jul 2020 23:24:53 +0000
changeset 539778 fbb252cc1d6dc8d097cbed48164d7a0e566a0c2e
parent 539777 739056dc4d11ec7953df7559309d5c958e136acd
child 539779 4b15b16f9d84eb394c2cee9d0d1e7d9fd52ed387
push id121329
push useramarchesini@mozilla.com
push dateFri, 10 Jul 2020 10:29:38 +0000
treeherderautoland@fbb252cc1d6d [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersGijs, fluent-reviewers
bugs1651120
milestone80.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1651120 - Add cookie sameSite schemeful as an experimental feature, r=Gijs,fluent-reviewers Differential Revision: https://phabricator.services.mozilla.com/D82561
toolkit/components/featuregates/Features.toml
toolkit/locales/en-US/toolkit/featuregates/features.ftl
toolkit/modules/tests/browser/browser_Troubleshoot.js
--- a/toolkit/components/featuregates/Features.toml
+++ b/toolkit/components/featuregates/Features.toml
@@ -53,8 +53,18 @@ default-value = {default = false, nightl
 title = "experimental-features-abouthome-startup-cache"
 description = "experimental-features-abouthome-startup-cache-description"
 restart-required = true
 preference = "browser.startup.homepage.abouthome_cache.enabled"
 type = "boolean"
 bug-numbers = [1614351]
 is-public = true
 default-value = false
+
+[cookie-samesite-schemeful]
+title = "experimental-features-cookie-samesite-schemeful"
+description = "experimental-features-cookie-samesite-schemeful-description"
+restart-required = false
+preference = "network.cookie.sameSite.schemeful"
+type = "boolean"
+bug-numbers = [1651119]
+is-public = true
+default-value = {default = false, nightly = true}
--- a/toolkit/locales/en-US/toolkit/featuregates/features.ftl
+++ b/toolkit/locales/en-US/toolkit/featuregates/features.ftl
@@ -30,8 +30,14 @@ experimental-features-cookie-samesite-no
     .label = Cookies: SameSite=None requires secure attribute
 experimental-features-cookie-samesite-none-requires-secure2-description = Cookies with “SameSite=None” attribute require the secure attribute. This feature requires “Cookies: SameSite=Lax by default”.
 
 # about:home should be kept in English, as it refers to the the URI for
 # the internal default home page.
 experimental-features-abouthome-startup-cache =
     .label = about:home startup cache
 experimental-features-abouthome-startup-cache-description = A cache for the initial about:home document that is loaded by default at startup. The purpose of the cache is to improve startup performance.
+
+# The title of the experiment should be kept in English as it may be referenced
+# by various online articles and is technical in nature.
+experimental-features-cookie-samesite-schemeful =
+    .label = Cookies: Schemeful SameSite
+experimental-features-cookie-samesite-schemeful-description = Treat cookies from the same domain, but with different schemes (e.g. http://example.com and https://example.com) as cross-site instead of same-site. Improves security, but potentially introduces breakage.
--- a/toolkit/modules/tests/browser/browser_Troubleshoot.js
+++ b/toolkit/modules/tests/browser/browser_Troubleshoot.js
@@ -37,16 +37,17 @@ registerCleanupFunction(function() {
 
 var tests = [
   function setup(done) {
     SpecialPowers.pushPrefEnv(
       {
         set: [
           ["network.cookie.sameSite.laxByDefault", false],
           ["network.cookie.sameSite.noneRequiresSecure", false],
+          ["network.cookie.sameSite.schemeful", false],
         ],
       },
       done
     );
   },
 
   function snapshotSchema(done) {
     Troubleshoot.snapshot(function(snapshot) {