Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Proposal: add cookies.removeAll() method #690

Open
wants to merge 11 commits into
base: main
Choose a base branch
from
Open

Proposal: add cookies.removeAll() method #690

Changes from 1 commit
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
e34be81
Create Proposal: add cookies.removeAll() method.md
aselya Sep 18, 2024
e8dae2e
Update proposals/Proposal: add cookies.removeAll() method.md
aselya Oct 1, 2024
d42833a
Update Proposal: add cookies.removeAll() method.md
aselya Oct 1, 2024
dac145f
Update Proposal: add cookies.removeAll() method.md
aselya Oct 1, 2024
5682b4c
Update Proposal: add cookies.removeAll() method.md
aselya Oct 1, 2024
bf51fe9
Update Proposal: add cookies.removeAll() method.md
aselya Oct 2, 2024
1c7ffcf
Update Proposal: add cookies.removeAll() method.md
aselya Oct 2, 2024
d7d953b
Update Proposal: add cookies.removeAll() method.md
aselya Oct 3, 2024
76f57be
Update Proposal: add cookies.removeAll() method.md
aselya Oct 8, 2024
8f17da2
Update Proposal: add cookies.removeAll() method.md
aselya Oct 8, 2024
7330453
Update Proposal: add cookies.removeAll() method.md
aselya Jan 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
147 changes: 147 additions & 0 deletions proposals/Proposal: add cookies.removeAll() method.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,147 @@
**Summary**

Adds a new API `cookies.removeAll()` to allow for the removal of multiple cookies with a single call.

**Document Metadata**

**Author:** [aselya](https://github.com/aselya)

**Sponsoring Browser:** Chrome

**Contributors:**

**Created:** 2024-09-18

**Related Issues:** [PrivacyCG/CHIPS issue 6 - How do Partitioned cookies interact with browser extensions?](https://github.com/privacycg/CHIPS/issues/6)
aselya marked this conversation as resolved.
Show resolved Hide resolved

## Motivation

Prior to the introduction of [partitioned cookies](https://github.com/privacycg/CHIPS), the required parameters (`url` and `name`) used by the existing `cookies.remove()` api would be unique to a single cookie. The inclusion of an optional `partitionKey` means that there can be more than one cookie that matches the currently required parameters for `cookies.remove()`. Because of this, handling partitioned cookies with `cookies.remove()` requires additional steps which can be simplified by the inclusion of this new API.
aselya marked this conversation as resolved.
Show resolved Hide resolved

### Objective

This new API addresses two workflows for developers:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems that the examples you provided is how extensions would have to achieve the functionality these days. Can you rephrase to emphasize that? To someone not deeply aware of the details, it can be read as part of the proposal for something net, not of existing behavior.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Updated the language and I would appreciate feedback on if my rephrasing addresses the issue you brought up.

##### Removal of cookies with the same url and name combination but different partitionKey values:
Since the introduction of partitioned cookies, to remove all the cookies with the same `url` and `name` a developer must first call `cookies.getAll()` to get all of the partitioned and unpartitioned cookies associated with the values. Then use the results of that call to make individual calls to `cookies.remove()` to delete each cookie.

##### Removal of cookies associated with a topLevelSite:
To remove all the cookies associated with a `topLevelSite`, a developer must first call `cookies.getAll({})` to retrieve all partitioned and unpartitioned cookies. Then filter the results to identify cookies that have a value for `topLevelSite` of their `partitionKey` match the desired `topLevelSite`. Finally the developer will need to make individual calls to `cookies.remove()` to delete each cookie.

#### Use Cases

##### Cookie Manager:

Let's say a cookie manager extension (with host permissions) is used by users to remove their cookies. Using `cookies.removeAll()` would ensure that the cookie manager extension is removing all the cookies associated with a `topLevelSite` correctly. Instead of relying on the developer of the extension to make a call to `cookies.getAll()` followed by call(s) to `cookies.remove()`. Reducing complexity for the developers while improving performance of the extension.

### Known Consumers

All extensions that access and/or modify cookies with awareness of partitioned cookies, through the use of the `partitionKey` property in the `cookies` extension API.

## Specification


### Schema

##### Syntax

```
let removed = await browser.cookies.removeAll(
details // object
)
```
##### Parameters
An `object` containing information to identify the cookie(s) to remove. It contains the following properties:
aselya marked this conversation as resolved.
Show resolved Hide resolved

>[`name`](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/cookies/remove#name) optional:
>
>A `string` representing the name of the cookie to remove.
>
>[`partitionKey`](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/cookies/remove#partitionkey) optional:
>
>An object representing the storage partition containing the cookie.
>
>[`topLevelSite`](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/cookies/remove#toplevelsite) optional:
>
>A `string` representing the first-party URL of the top-level site storage partition containing the cookie.
>
>[`storeId`](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/cookies/remove#storeid) optional:
>
>A `string` representing the ID of the cookie store to find the cookie in. If unspecified, the cookie is looked for by default in the current execution context's cookie store.
>
>[`url`](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/cookies/remove#url) optional:
>
>A `string` representing the URL associated with the cookie.

aselya marked this conversation as resolved.
Show resolved Hide resolved
### Behavior

The API will remove all cookies that match the `details` object parameter with the exception of the cases outlined in the implementation details.
If the extension does not have [host permissions](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json/permissions#host_permissions) for this URL, the API call will fail.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we allow calling this API without a url (see below) we should add a note here about the behavior if you only have some host permissions. Presumably, we would just remove the cookies for the sites you have access to.


### New Permissions
No new permissions are required.

### Manifest File Changes
No new manifest fields are required.

## Security and Privacy
Incorrect usage can lead to the removal of cookies that are not intended.

### Exposed Sensitive Data
None

### Abuse Mitigations
To remove a cookie, the extension must have host permissions for the `url` associated with the cookie.


## Alternatives
None

### Existing Workarounds

The behavior introduced by this API can be replicated by using a combination of `cookies.getAll()` and `cookies.remove()`.

### Open Web API

The cookies API is specific to extensions

## Implementation Notes

Host permissions are required for this API.
#### Special cases:
```cookies.removeAll({})```

>An empty details object will result in all cookies being removed.
aselya marked this conversation as resolved.
Show resolved Hide resolved

```
cookies.removeAll({
partitionKey:{}})
```

>An empty `partitionKey` object as the only value in the details object, will result in all partitioned cookies being removed.
aselya marked this conversation as resolved.
Show resolved Hide resolved

```
cookies.removeAll({
name: “example”,
url: “https://example.com”,
partitionKey:{}
})
```

>An empty `partitionKey` object with other values populated, will result in both unpartitioned and partitioned cookies that also match the other values provided will be removed.

```
cookies.removeAll({
topLevelSite: “https://example.com”
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is topLevelSite a separate key? I would expect it to be a member of partitionKey.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Having topLevelSite be a separate (optional) parameter addresses the second motivation "Removal of cookies associated with a topLevelSite".

This could be replaced by having the developer pass in a partitionKey that contains the toplevelSite and no value for hasCrossSiteAncestor, such aspartitionKey:{topLevelSite: "https/example.com"}. But I wanted to provide an easier option for developers who may not be as familiar with the intricacies of partitioned cookies.

})
```

>If `topLevelSite` is the only argument, it will result in all cookies that have that value as the `topLevelSite` in their `partitionKey` being removed.

```
cookies.removeAll({
topLevelSite: “https://example.com”,
partitionKey:{topLevelSite: “https://foo.com”}
})
```

>If the `topLevelSite` differs from the `topLevelSite`, if present, in the `partitionKey` an error will be returned.