Bug 1551821 - Get rid of pref network.cookie.same-site.enabled, r=ckerschb
authorAndrea Marchesini <amarchesini@mozilla.com>
Wed, 15 May 2019 13:33:45 +0000
changeset 535820 dc2abf442548216e7f00e90700102d820ae7091b
parent 535819 3339438190872637a2fbb4225ff3dc71e61721a9
child 535821 b464eba7f66ca02f0e3f48d692da1c92ac871c9b
push id2082
push userffxbld-merge
push dateMon, 01 Jul 2019 08:34:18 +0000
treeherdermozilla-release@2fb19d0466d2 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersckerschb
bugs1551821
milestone68.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1551821 - Get rid of pref network.cookie.same-site.enabled, r=ckerschb Differential Revision: https://phabricator.services.mozilla.com/D31217
dom/security/test/general/test_same_site_cookies_about.html
dom/security/test/general/test_same_site_cookies_cross_origin_context.html
dom/security/test/general/test_same_site_cookies_from_script.html
dom/security/test/general/test_same_site_cookies_subrequest.html
dom/security/test/general/test_same_site_cookies_toplevel_nav.html
modules/libpref/init/all.js
netwerk/cookie/CookieServiceChild.cpp
netwerk/cookie/nsCookieService.cpp
netwerk/cookie/nsCookieService.h
toolkit/components/reader/test/browser_bug1453818_samesite_cookie.js
--- a/dom/security/test/general/test_same_site_cookies_about.html
+++ b/dom/security/test/general/test_same_site_cookies_about.html
@@ -18,126 +18,67 @@
  *    (a) cross-origin iframe
  *    (b) same-origin iframe
  *    which both load a:
  *     * nested about:srcdoc frame and nested about:blank frame
  *     * navigate about:srcdoc frame and navigate about:blank frame
  * 3) We evaluate that the same-site cookie is available in the same-origin case.
  */
 
-SimpleTest.registerCleanupFunction(() => {
-  SpecialPowers.clearUserPref("network.cookie.same-site.enabled");
-});
 SimpleTest.waitForExplicitFinish();
 
 const SAME_ORIGIN = "http://mochi.test:8888/"
 const CROSS_ORIGIN = "http://example.com/";
 const PATH = "tests/dom/security/test/general/file_same_site_cookies_about.sjs";
 
 let curTest = 0;
 
 var tests = [
   // NAVIGATION TESTS
   {
     description: "nested same origin iframe about:srcdoc navigation [mochi.test -> mochi.test -> about:srcdoc -> mochi.test]",
     frameSRC: SAME_ORIGIN + PATH + "?loadsrcdocframeNav",
-    sameSiteEnabled: true,
     result: "myKey=mySameSiteAboutCookie", // cookie should be set for baseline test
   },
   {
     description: "nested cross origin iframe about:srcdoc navigation [mochi.test -> example.com -> about:srcdoc -> mochi.test]",
     frameSRC: CROSS_ORIGIN + PATH + "?loadsrcdocframeNav",
-    sameSiteEnabled: true,
     result: "", // no same-site cookie should be available
   },
   {
     description: "nested same origin iframe about:blank navigation [mochi.test -> mochi.test -> about:blank -> mochi.test]",
     frameSRC: SAME_ORIGIN + PATH + "?loadblankframeNav",
-    sameSiteEnabled: true,
     result: "myKey=mySameSiteAboutCookie", // cookie should be set for baseline test
   },
   {
     description: "nested cross origin iframe about:blank navigation [mochi.test -> example.com -> about:blank -> mochi.test]",
     frameSRC: CROSS_ORIGIN + PATH + "?loadblankframeNav",
-    sameSiteEnabled: true,
     result: "", // no same-site cookie should be available
   },
-  {
-    description: "nested same origin iframe about:srcdoc navigation [mochi.test -> mochi.test -> about:srcdoc -> mochi.test] (same-site off)",
-    frameSRC: SAME_ORIGIN + PATH + "?loadsrcdocframeNav",
-    sameSiteEnabled: false,
-    result: "myKey=mySameSiteAboutCookie",
-  },
-  {
-    description: "nested cross origin iframe about:srcdoc navigation [mochi.test -> example.com -> about:srcdoc -> mochi.test] (same-site off)",
-    frameSRC: CROSS_ORIGIN + PATH + "?loadsrcdocframeNav",
-    sameSiteEnabled: false,
-    result: "myKey=mySameSiteAboutCookie",
-  },
-  {
-    description: "nested same origin iframe about:blank navigation [mochi.test -> mochi.test -> about:blank -> mochi.test] (same-site off)",
-    frameSRC: SAME_ORIGIN + PATH + "?loadblankframeNav",
-    sameSiteEnabled: false,
-    result: "myKey=mySameSiteAboutCookie",
-  },
-  {
-    description: "nested cross origin iframe about:blank navigation [mochi.test -> example.com -> about:blank -> mochi.test] (same-site off)",
-    frameSRC: CROSS_ORIGIN + PATH + "?loadblankframeNav",
-    sameSiteEnabled: false,
-    result: "myKey=mySameSiteAboutCookie",
-  },
   // INCLUSION TESTS
   {
     description: "nested same origin iframe about:srcdoc inclusion [mochi.test -> mochi.test -> about:srcdoc -> mochi.test]",
     frameSRC: SAME_ORIGIN + PATH + "?loadsrcdocframeInc",
-    sameSiteEnabled: true,
     result: "myKey=mySameSiteAboutCookie", // cookie should be set for baseline test
   },
   {
     description: "nested cross origin iframe about:srcdoc inclusion [mochi.test -> example.com -> about:srcdoc -> mochi.test]",
     frameSRC: CROSS_ORIGIN + PATH + "?loadsrcdocframeInc",
-    sameSiteEnabled: true,
     result: "", // no same-site cookie should be available
   },
   {
     description: "nested same origin iframe about:blank inclusion [mochi.test -> mochi.test -> about:blank -> mochi.test]",
     frameSRC: SAME_ORIGIN + PATH + "?loadblankframeInc",
-    sameSiteEnabled: true,
     result: "myKey=mySameSiteAboutCookie", // cookie should be set for baseline test
   },
   {
     description: "nested cross origin iframe about:blank inclusion [mochi.test -> example.com -> about:blank -> mochi.test]",
     frameSRC: CROSS_ORIGIN + PATH + "?loadblankframeInc",
-    sameSiteEnabled: true,
     result: "", // no same-site cookie should be available
   },
-  {
-    description: "nested same origin iframe about:srcdoc inclusion [mochi.test -> mochi.test -> about:srcdoc -> mochi.test] (same-site off)",
-    frameSRC: SAME_ORIGIN + PATH + "?loadsrcdocframeInc",
-    sameSiteEnabled: false,
-    result: "myKey=mySameSiteAboutCookie",
-  },
-  {
-    description: "nested cross origin iframe about:srcdoc inclusion [mochi.test -> example.com -> about:srcdoc -> mochi.test] (same-site off)",
-    frameSRC: CROSS_ORIGIN + PATH + "?loadsrcdocframeInc",
-    sameSiteEnabled: false,
-    result: "myKey=mySameSiteAboutCookie",
-  },
-  {
-    description: "nested same origin iframe about:blank inclusion [mochi.test -> mochi.test -> about:blank -> mochi.test] (same-site off)",
-    frameSRC: SAME_ORIGIN + PATH + "?loadblankframeInc",
-    sameSiteEnabled: false,
-    result: "myKey=mySameSiteAboutCookie",
-  },
-  {
-    description: "nested cross origin iframe about:blank inclusion [mochi.test -> example.com -> about:blank -> mochi.test] (same-site off)",
-    frameSRC: CROSS_ORIGIN + PATH + "?loadblankframeInc",
-    sameSiteEnabled: false,
-    result: "myKey=mySameSiteAboutCookie",
-  },
 ];
 
 window.addEventListener("message", receiveMessage);
 function receiveMessage(event) {
   is(event.data.result, tests[curTest].result, tests[curTest].description);
   curTest += 1;
 
   // lets see if we ran all the tests
@@ -151,17 +92,16 @@ function receiveMessage(event) {
 }
 
 function setupQueryResultAndRunTest() {
   let testframe = document.getElementById("testframe");
   testframe.src = tests[curTest].frameSRC + curTest;
 }
 
 function setCookieAndInitTest() {
-  SpecialPowers.setBoolPref("network.cookie.same-site.enabled", tests[curTest].sameSiteEnabled);
   var cookieImage = document.getElementById("cookieImage");
   cookieImage.onload = function() {
     ok(true, "trying to set cookie for test (" + tests[curTest].description + ")");
     setupQueryResultAndRunTest();
   }
   cookieImage.onerror = function() {
     ok(false, "could not load image for test (" + tests[curTest].description + ")");
   }
--- a/dom/security/test/general/test_same_site_cookies_cross_origin_context.html
+++ b/dom/security/test/general/test_same_site_cookies_cross_origin_context.html
@@ -19,55 +19,36 @@
  *    in the context of http://mochi.test
  * 2) We load an iframe from http://example.com and check if the cookie
  *    is available.
  * 3) We observe that:
  *    (a) same site cookie has been discarded in a cross origin context.
  *    (b) the regular cookie is available.
  */
 
-SimpleTest.registerCleanupFunction(() => {
-  SpecialPowers.clearUserPref("network.cookie.same-site.enabled");
-});
 SimpleTest.waitForExplicitFinish();
 
 const CROSS_ORIGIN = "http://example.com/";
 const PATH = "tests/dom/security/test/general/file_same_site_cookies_cross_origin_context.sjs";
 
 let curTest = 0;
 
 var tests = [
   {
-    description: "regular cookie in cross origin context (same-site: on)",
+    description: "regular cookie in cross origin context",
     imgSRC: CROSS_ORIGIN + PATH + "?setRegularCookie",
     frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: true,
     result: "myKey=regularCookie",
   },
   {
-    description: "same-site cookie in cross origin context (same-site: on)",
+    description: "same-site cookie in cross origin context",
     imgSRC: CROSS_ORIGIN + PATH + "?setSameSiteCookie",
     frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: true,
     result: "", // no cookie should be set
   },
-  {
-    description: "regular cookie in cross origin context (same-site: off)",
-    imgSRC: CROSS_ORIGIN + PATH + "?setRegularCookie",
-    frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: false,
-    result: "myKey=regularCookie",
-  },
-  {
-    description: "same-site cookie in cross origin context (same-site: off)",
-    imgSRC: CROSS_ORIGIN + PATH + "?setSameSiteCookie",
-    frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: false,
-    result: "myKey=strictSameSiteCookie",
-  },
 ];
 
 
 window.addEventListener("message", receiveMessage);
 function receiveMessage(event) {
   is(event.data.result, tests[curTest].result, tests[curTest].description);
   curTest += 1;
 
@@ -82,17 +63,16 @@ function receiveMessage(event) {
 }
 
 function setupQueryResultAndRunTest() {
   let testframe = document.getElementById("testframe");
   testframe.src = tests[curTest].frameSRC + curTest;
 }
 
 function setCookieAndInitTest() {
-  SpecialPowers.setBoolPref("network.cookie.same-site.enabled", tests[curTest].sameSiteEnabled);
   var cookieImage = document.getElementById("cookieImage");
   cookieImage.onload = function() {
     ok(true, "trying to set cookie for test (" + tests[curTest].description + ")");
     setupQueryResultAndRunTest();
   }
   cookieImage.onerror = function() {
     ok(false, "could not load image for test (" + tests[curTest].description + ")");
   }
--- a/dom/security/test/general/test_same_site_cookies_from_script.html
+++ b/dom/security/test/general/test_same_site_cookies_from_script.html
@@ -18,56 +18,37 @@
  *    inline script in top-level context of http://mochi.test.
  * 2) We load an iframe from http://example.com and check if the cookie
  *    is available.
  * 3) We observe that:
  *    (a) same site cookie is available in same origin context.
  *    (a) same site cookie has been discarded in a cross origin context.
  */
 
-SimpleTest.registerCleanupFunction(() => {
-  SpecialPowers.clearUserPref("network.cookie.same-site.enabled");
-});
 SimpleTest.waitForExplicitFinish();
 
 const SAME_ORIGIN = "http://mochi.test:8888/";
 const CROSS_ORIGIN = "http://example.com/";
 const PATH = "tests/dom/security/test/general/file_same_site_cookies_from_script.sjs";
 
 let curTest = 0;
 
 var tests = [
   {
     description: "same-site cookie inline script within same-site context",
     setCookieSrc: SAME_ORIGIN + PATH + "?setSameSiteCookieUsingInlineScript",
     getCookieSrc: SAME_ORIGIN + PATH + "?getCookieFrame",
-    sameSiteEnabled: true,
     result: "myKey=sameSiteCookieInlineScript",
   },
   {
     description: "same-site cookie inline script within cross-site context",
     setCookieSrc: CROSS_ORIGIN + PATH + "?setSameSiteCookieUsingInlineScript",
     getCookieSrc: CROSS_ORIGIN + PATH + "?getCookieFrame",
-    sameSiteEnabled: true,
     result: "", // same-site cookie should be discarded in cross site context
   },
-  {
-    description: "same-site cookie inline script within same-site context",
-    setCookieSrc: SAME_ORIGIN + PATH + "?setSameSiteCookieUsingInlineScript",
-    getCookieSrc: SAME_ORIGIN + PATH + "?getCookieFrame",
-    sameSiteEnabled: false,
-    result: "myKey=sameSiteCookieInlineScript",
-  },
-  {
-    description: "same-site cookie inline script within cross-site context",
-    setCookieSrc: CROSS_ORIGIN + PATH + "?setSameSiteCookieUsingInlineScript",
-    getCookieSrc: CROSS_ORIGIN + PATH + "?getCookieFrame",
-    sameSiteEnabled: false,
-    result: "myKey=sameSiteCookieInlineScript",
-  },
 ];
 
 window.addEventListener("message", receiveMessage);
 function receiveMessage(event) {
   is(event.data.result, tests[curTest].result, tests[curTest].description);
   curTest += 1;
 
   // lets see if we ran all the tests
@@ -81,17 +62,16 @@ function receiveMessage(event) {
 }
 
 function setupQueryResultAndRunTest() {
   let getCookieFrame = document.getElementById("getCookieFrame");
   getCookieFrame.src = tests[curTest].getCookieSrc + curTest;
 }
 
 function setCookieAndInitTest() {
-  SpecialPowers.setBoolPref("network.cookie.same-site.enabled", tests[curTest].sameSiteEnabled);
   var cookieFrame = document.getElementById("setCookieFrame");
   setCookieFrame.onload = function() {
     ok(true, "trying to set cookie for test (" + tests[curTest].description + ")");
     setupQueryResultAndRunTest();
   }
   setCookieFrame.onerror = function() {
     ok(false, "could not load image for test (" + tests[curTest].description + ")");
   }
--- a/dom/security/test/general/test_same_site_cookies_subrequest.html
+++ b/dom/security/test/general/test_same_site_cookies_subrequest.html
@@ -22,84 +22,49 @@
  *
  * In detail:
  * We perform an XHR request to the *.sjs file which is processed async on
  * the server and waits till the image request has been processed by the server.
  * Once the image requets was processed, the server responds to the initial
  * XHR request with the expecuted result (the cookie value).
  */
 
-SimpleTest.registerCleanupFunction(() => {
-  SpecialPowers.clearUserPref("network.cookie.same-site.enabled");
-});
 SimpleTest.waitForExplicitFinish();
 
 const SAME_ORIGIN = "http://mochi.test:8888/";
 const CROSS_ORIGIN = "http://example.com/";
 const PATH = "tests/dom/security/test/general/file_same_site_cookies_subrequest.sjs";
 
 let curTest = 0;
 
 var tests = [
   {
     description: "same origin site using cookie policy 'samesite=strict'",
     imgSRC: SAME_ORIGIN + PATH + "?setStrictSameSiteCookie",
     frameSRC: SAME_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: true,
     result: "myKey=strictSameSiteCookie",
   },
   {
     description: "cross origin site using cookie policy 'samesite=strict'",
     imgSRC: SAME_ORIGIN + PATH + "?setStrictSameSiteCookie",
     frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: true,
     result: "myKey=noCookie",
   },
   {
     description: "same origin site using cookie policy 'samesite=lax'",
     imgSRC: SAME_ORIGIN + PATH + "?setLaxSameSiteCookie",
     frameSRC: SAME_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: true,
     result: "myKey=laxSameSiteCookie",
   },
   {
     description: "cross origin site using cookie policy 'samesite=lax'",
     imgSRC: SAME_ORIGIN + PATH + "?setLaxSameSiteCookie",
     frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: true,
     result: "myKey=noCookie",
   },
-  {
-    description: "same origin site using cookie policy 'samesite=strict'",
-    imgSRC: SAME_ORIGIN + PATH + "?setStrictSameSiteCookie",
-    frameSRC: SAME_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: false,
-    result: "myKey=strictSameSiteCookie",
-  },
-  {
-    description: "cross origin site using cookie policy 'samesite=strict'",
-    imgSRC: SAME_ORIGIN + PATH + "?setStrictSameSiteCookie",
-    frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: false,
-    result: "myKey=strictSameSiteCookie",
-  },
-  {
-    description: "same origin site using cookie policy 'samesite=lax'",
-    imgSRC: SAME_ORIGIN + PATH + "?setLaxSameSiteCookie",
-    frameSRC: SAME_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: false,
-    result: "myKey=laxSameSiteCookie",
-  },
-  {
-    description: "cross origin site using cookie policy 'samesite=lax'",
-    imgSRC: SAME_ORIGIN + PATH + "?setLaxSameSiteCookie",
-    frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: false,
-    result: "myKey=laxSameSiteCookie",
-  },
 ];
 
 function checkResult(aCookieVal) {
   is(aCookieVal, tests[curTest].result, tests[curTest].description);
   curTest += 1;
 
   // lets see if we ran all the tests
   if (curTest == tests.length) {
@@ -124,17 +89,16 @@ function setupQueryResultAndRunTest() {
   // give it some time and load the test frame
   SimpleTest.executeSoon(function() {
     let testframe = document.getElementById("testframe");
     testframe.src = tests[curTest].frameSRC + curTest;
   });
 }
 
 function setCookieAndInitTest() {
-  SpecialPowers.setBoolPref("network.cookie.same-site.enabled", tests[curTest].sameSiteEnabled);
   var cookieImage = document.getElementById("cookieImage");
   cookieImage.onload = function() {
     ok(true, "set cookie for test (" + tests[curTest].description + ")");
     setupQueryResultAndRunTest();
   }
   cookieImage.onerror = function() {
     ok(false, "could not set cookie for test (" + tests[curTest].description + ")");
   }
--- a/dom/security/test/general/test_same_site_cookies_toplevel_nav.html
+++ b/dom/security/test/general/test_same_site_cookies_toplevel_nav.html
@@ -23,82 +23,47 @@
  *
  * In detail:
  * We perform an XHR request to the *.sjs file which is processed async on
  * the server and waits till the image request has been processed by the server.
  * Once the image requets was processed, the server responds to the initial
  * XHR request with the expecuted result (the cookie value).
  */
 
-SimpleTest.registerCleanupFunction(() => {
-  SpecialPowers.clearUserPref("network.cookie.same-site.enabled");
-});
 SimpleTest.waitForExplicitFinish();
 
 const SAME_ORIGIN = "http://mochi.test:8888/";
 const CROSS_ORIGIN = "http://example.com/";
 const PATH = "tests/dom/security/test/general/file_same_site_cookies_toplevel_nav.sjs";
 
 let curTest = 0;
 
 var tests = [
   {
     description: "same origin navigation using cookie policy 'samesite=strict'",
     imgSRC: SAME_ORIGIN + PATH + "?setStrictSameSiteCookie",
     frameSRC: SAME_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: true,
     result: "myKey=strictSameSiteCookie",
   },
   {
     description: "cross origin navigation using cookie policy 'samesite=strict'",
     imgSRC: SAME_ORIGIN + PATH + "?setStrictSameSiteCookie",
     frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: true,
     result: "myKey=noCookie",
   },
   {
     description: "same origin navigation using cookie policy 'samesite=lax'",
     imgSRC: SAME_ORIGIN + PATH + "?setLaxSameSiteCookie",
     frameSRC: SAME_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: true,
     result: "myKey=laxSameSiteCookie",
   },
   {
     description: "cross origin navigation using cookie policy 'samesite=lax'",
     imgSRC: SAME_ORIGIN + PATH + "?setLaxSameSiteCookie",
     frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: true,
-    result: "myKey=laxSameSiteCookie",
-  },
-  {
-    description: "same origin navigation using cookie policy 'samesite=strict'",
-    imgSRC: SAME_ORIGIN + PATH + "?setStrictSameSiteCookie",
-    frameSRC: SAME_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: false,
-    result: "myKey=strictSameSiteCookie",
-  },
-  {
-    description: "cross origin navigation using cookie policy 'samesite=strict'",
-    imgSRC: SAME_ORIGIN + PATH + "?setStrictSameSiteCookie",
-    frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: false,
-    result: "myKey=strictSameSiteCookie",
-  },
-  {
-    description: "same origin navigation using cookie policy 'samesite=lax'",
-    imgSRC: SAME_ORIGIN + PATH + "?setLaxSameSiteCookie",
-    frameSRC: SAME_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: false,
-    result: "myKey=laxSameSiteCookie",
-  },
-  {
-    description: "cross origin navigation using cookie policy 'samesite=lax'",
-    imgSRC: SAME_ORIGIN + PATH + "?setLaxSameSiteCookie",
-    frameSRC: CROSS_ORIGIN + PATH + "?loadFrame",
-    sameSiteEnabled: false,
     result: "myKey=laxSameSiteCookie",
   },
 ];
 
 function checkResult(aCookieVal) {
   is(aCookieVal, tests[curTest].result, tests[curTest].description);
   curTest += 1;
 
@@ -125,17 +90,16 @@ function setupQueryResultAndRunTest() {
   // give it some time and load the test window
   SimpleTest.executeSoon(function() {
     let testframe = document.getElementById("testframe");
     testframe.src = tests[curTest].frameSRC + curTest;
   });
 }
 
 function setCookieAndInitTest() {
-  SpecialPowers.setBoolPref("network.cookie.same-site.enabled", tests[curTest].sameSiteEnabled);
   var cookieImage = document.getElementById("cookieImage");
   cookieImage.onload = function() {
     ok(true, "set cookie for test (" + tests[curTest].description + ")");
     setupQueryResultAndRunTest();
   }
   cookieImage.onerror = function() {
     ok(false, "could not set cookie for test (" + tests[curTest].description + ")");
   }
--- a/modules/libpref/init/all.js
+++ b/modules/libpref/init/all.js
@@ -2345,17 +2345,16 @@ pref("network.proxy.socks_remote_dns",  
 pref("network.proxy.proxy_over_tls",        true);
 pref("network.proxy.no_proxies_on",         "");
 // Set true to allow resolving proxy for localhost
 pref("network.proxy.allow_hijacking_localhost", false);
 pref("network.proxy.failover_timeout",      1800); // 30 minutes
 pref("network.online",                      true); //online/offline
 pref("network.cookie.thirdparty.sessionOnly", false);
 pref("network.cookie.thirdparty.nonsecureSessionOnly", false);
-pref("network.cookie.same-site.enabled",    true); // Honor the SameSite cookie attribute
 
 // The interval in seconds to move the cookies in the child process.
 // Set to 0 to disable moving the cookies.
 pref("network.cookie.move.interval_sec",    10);
 
 pref("network.cookie.maxNumber", 3000);
 pref("network.cookie.maxPerHost", 180);
 // Cookies quota for each host. If cookies exceed the limit maxPerHost,
--- a/netwerk/cookie/CookieServiceChild.cpp
+++ b/netwerk/cookie/CookieServiceChild.cpp
@@ -341,17 +341,17 @@ void CookieServiceChild::GetCookieString
       continue;
     }
 
     // if the cookie is secure and the host scheme isn't, we can't send it
     if (cookie->IsSecure() && !isSecure) continue;
 
     int32_t sameSiteAttr = 0;
     cookie->GetSameSite(&sameSiteAttr);
-    if (aIsSameSiteForeign && nsCookieService::IsSameSiteEnabled()) {
+    if (aIsSameSiteForeign) {
       // it if's a cross origin request and the cookie is same site only
       // (strict) don't send it
       if (sameSiteAttr == nsICookie2::SAMESITE_STRICT) {
         continue;
       }
       // if it's a cross origin request, the cookie is same site lax, but it's
       // not a top-level navigation, don't send it
       if (sameSiteAttr == nsICookie2::SAMESITE_LAX && !aIsSafeTopLevelNav) {
--- a/netwerk/cookie/nsCookieService.cpp
+++ b/netwerk/cookie/nsCookieService.cpp
@@ -75,17 +75,16 @@ using namespace mozilla::net;
 #define DEFAULT_APP_KEY(baseDomain) nsCookieKey(baseDomain, OriginAttributes())
 
 /******************************************************************************
  * nsCookieService impl:
  * useful types & constants
  ******************************************************************************/
 
 static StaticRefPtr<nsCookieService> gCookieService;
-bool nsCookieService::sSameSiteEnabled = false;
 
 // XXX_hack. See bug 178993.
 // This is a hack to hide HttpOnly cookies from older browsers
 #define HTTP_ONLY_PREFIX "#HttpOnly_"
 
 #define COOKIES_FILE "cookies.sqlite"
 #define COOKIES_SCHEMA_VERSION 9
 
@@ -2971,26 +2970,16 @@ bool nsCookieService::DomainMatches(nsCo
                                     const nsACString& aHost) {
   // first, check for an exact host or domain cookie match, e.g. "google.com"
   // or ".google.com"; second a subdomain match, e.g.
   // host = "mail.google.com", cookie domain = ".google.com".
   return aCookie->RawHost() == aHost ||
          (aCookie->IsDomain() && StringEndsWith(aHost, aCookie->Host()));
 }
 
-bool nsCookieService::IsSameSiteEnabled() {
-  static bool prefInitialized = false;
-  if (!prefInitialized) {
-    Preferences::AddBoolVarCache(&sSameSiteEnabled,
-                                 "network.cookie.same-site.enabled", false);
-    prefInitialized = true;
-  }
-  return sSameSiteEnabled;
-}
-
 bool nsCookieService::PathMatches(nsCookie* aCookie, const nsACString& aPath) {
   // calculate cookie path length, excluding trailing '/'
   uint32_t cookiePathLen = aCookie->Path().Length();
   if (cookiePathLen > 0 && aCookie->Path().Last() == '/') --cookiePathLen;
 
   // if the given path is shorter than the cookie path, it doesn't match
   // if the given path doesn't start with the cookie path, it doesn't match.
   if (!StringBeginsWith(aPath, Substring(aCookie->Path(), 0, cookiePathLen)))
@@ -3106,17 +3095,17 @@ void nsCookieService::GetCookiesForURI(
     // check the host, since the base domain lookup is conservative.
     if (!DomainMatches(cookie, hostFromURI)) continue;
 
     // if the cookie is secure and the host scheme isn't, we can't send it
     if (cookie->IsSecure() && !isSecure) continue;
 
     int32_t sameSiteAttr = 0;
     cookie->GetSameSite(&sameSiteAttr);
-    if (aIsSameSiteForeign && IsSameSiteEnabled()) {
+    if (aIsSameSiteForeign) {
       // it if's a cross origin request and the cookie is same site only
       // (strict) don't send it
       if (sameSiteAttr == nsICookie2::SAMESITE_STRICT) {
         continue;
       }
       // if it's a cross origin request, the cookie is same site lax, but it's
       // not a top-level navigation, don't send it
       if (sameSiteAttr == nsICookie2::SAMESITE_LAX && !aIsSafeTopLevelNav) {
@@ -3369,17 +3358,17 @@ bool nsCookieService::CanSetCookie(nsIUR
     COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, aCookieHeader,
                       "non-https cookie can't set secure flag");
     return newCookie;
   }
 
   // If the new cookie is same-site but in a cross site context,
   // browser must ignore the cookie.
   if ((aCookieAttributes.sameSite != nsICookie2::SAMESITE_UNSET) &&
-      aThirdPartyUtil && IsSameSiteEnabled()) {
+      aThirdPartyUtil) {
     // Do not treat loads triggered by web extensions as foreign
     bool addonAllowsLoad = false;
     if (aChannel) {
       nsCOMPtr<nsIURI> channelURI;
       NS_GetFinalChannelURI(aChannel, getter_AddRefs(channelURI));
       nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
       addonAllowsLoad = BasePrincipal::Cast(loadInfo->TriggeringPrincipal())
                             ->AddonAllowsLoad(channelURI);
--- a/netwerk/cookie/nsCookieService.h
+++ b/netwerk/cookie/nsCookieService.h
@@ -245,17 +245,16 @@ class nsCookieService final : public nsI
   static nsAutoCString GetPathFromURI(nsIURI* aHostURI);
   static nsresult GetBaseDomain(nsIEffectiveTLDService* aTLDService,
                                 nsIURI* aHostURI, nsCString& aBaseDomain,
                                 bool& aRequireHostMatch);
   static nsresult GetBaseDomainFromHost(nsIEffectiveTLDService* aTLDService,
                                         const nsACString& aHost,
                                         nsCString& aBaseDomain);
   static bool DomainMatches(nsCookie* aCookie, const nsACString& aHost);
-  static bool IsSameSiteEnabled();
   static bool PathMatches(nsCookie* aCookie, const nsACString& aPath);
   static bool CanSetCookie(nsIURI* aHostURI, const nsCookieKey& aKey,
                            nsCookieAttributes& aCookieAttributes,
                            bool aRequireHostMatch, CookieStatus aStatus,
                            nsDependentCString& aCookieHeader,
                            int64_t aServerTime, bool aFromHttp,
                            nsIChannel* aChannel, bool& aSetCookie,
                            mozIThirdPartyUtil* aThirdPartyUtil);
--- a/toolkit/components/reader/test/browser_bug1453818_samesite_cookie.js
+++ b/toolkit/components/reader/test/browser_bug1453818_samesite_cookie.js
@@ -20,34 +20,28 @@ async function clickLink(browser) {
 async function checkCookiePresent(browser) {
   await ContentTask.spawn(browser, null, async function() {
     let cookieSpan = content.document.getElementById("cookieSpan");
     ok(cookieSpan, "cookieSpan element should be in document");
     is(cookieSpan.textContent, "foo=bar", "The SameSite cookie was sent correctly.");
   });
 }
 
-async function checkCookie(sameSiteEnabled, browser) {
-  if (sameSiteEnabled) {
-    info("Check that the SameSite cookie was not sent.");
-    await ContentTask.spawn(browser, null, async function() {
-      let cookieSpan = content.document.getElementById("cookieSpan");
-      ok(cookieSpan, "cookieSpan element should be in document");
-      is(cookieSpan.textContent, "", "The SameSite cookie was blocked correctly.");
-    });
-  } else {
-    info("Check that the SameSite cookie was sent.");
-    await checkCookiePresent(browser);
-  }
+async function checkCookie(browser) {
+  info("Check that the SameSite cookie was not sent.");
+  await ContentTask.spawn(browser, null, async function() {
+    let cookieSpan = content.document.getElementById("cookieSpan");
+    ok(cookieSpan, "cookieSpan element should be in document");
+    is(cookieSpan.textContent, "", "The SameSite cookie was blocked correctly.");
+  });
 }
 
-async function runTest(sameSiteEnabled) {
+async function runTest() {
   await SpecialPowers.pushPrefEnv({
-    set: [["network.cookie.same-site.enabled", sameSiteEnabled],
-          ["reader.parse-on-load.enabled", true]],
+    set: [["reader.parse-on-load.enabled", true]],
   });
 
   info("Set a SameSite=strict cookie.");
   await BrowserTestUtils.withNewTab(TEST_ORIGIN1 + "setSameSiteCookie.html", () => {});
 
   info("Check that the cookie has been correctly set.");
   await BrowserTestUtils.withNewTab(TEST_ORIGIN1 + "getCookies.html", async function(browser) {
     await checkCookiePresent(browser);
@@ -64,32 +58,32 @@ async function runTest(sameSiteEnabled) 
       pageLoaded = BrowserTestUtils.waitForContentEvent(browser, "DOMContentLoaded");
       return t;
     }, false);
 
     info("Waiting for the page to load in normal mode...");
     await pageLoaded;
 
     await clickLink(browser);
-    await checkCookie(sameSiteEnabled, browser);
+    await checkCookie(browser);
     await BrowserTestUtils.removeTab(tab);
   }
 
   info("Open the cross-origin page again.");
   await BrowserTestUtils.withNewTab(TEST_ORIGIN2 + "linkToGetCookies.html", async function(browser) {
     let pageShown = BrowserTestUtils.waitForContentEvent(browser, "AboutReaderContentReady");
     let readerButton = document.getElementById("reader-mode-button");
     ok(readerButton, "readerButton should be available");
     readerButton.click();
 
     info("Waiting for the page to be displayed in reader mode...");
     await pageShown;
 
     await clickLink(browser);
-    await checkCookie(sameSiteEnabled, browser);
+    await checkCookie(browser);
   });
 }
 
 add_task(async function() {
   await runTest(true);
 });
 
 add_task(async function() {