Proposal: add cookies.removeAll() method #690
Conversation
Initial draft
| ### Behavior | ||
|
|
||
| The API will remove all cookies that match the `details` object parameter with the exception of the cases outlined in the implementation details. | ||
| If the extension does not have [host permissions](https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/manifest.json/permissions#host_permissions) for this URL, the API call will fail. |
There was a problem hiding this comment.
If we allow calling this API without a url (see below) we should add a note here about the behavior if you only have some host permissions. Presumably, we would just remove the cookies for the sites you have access to.
aselya
changed the title
|
|
||
| ### Objective | ||
|
|
||
| This new API addresses two workflows for developers: |
There was a problem hiding this comment.
It seems that the examples you provided is how extensions would have to achieve the functionality these days. Can you rephrase to emphasize that? To someone not deeply aware of the details, it can be read as part of the proposal for something net, not of existing behavior.
There was a problem hiding this comment.
Updated the language and I would appreciate feedback on if my rephrasing addresses the issue you brought up.
aselya
changed the title
|
Wanted to add some context to why I'm proposing this. When working on updating the implementation of the cookies API to include the Despite the behavior being a bug, I found the ability to delete multiple cookies with the same call to be quite useful and thought it made sense to add it to the cookies api. |
Updating parameters to explicitly reference cookies.remove Co-authored-by: Rob Wu <[email protected]>
Add more related issues Update the motivation language to reflect the related issues.
Add link to bug in the motivation
Update the objective to be more explicit about the pain point for developers.
Update language in objective.
Update language to make `{}` and error
|
|
||
| ``` | ||
| cookies.removeAll({ | ||
| topLevelSite: “https://example.com” |
There was a problem hiding this comment.
Why is topLevelSite a separate key? I would expect it to be a member of partitionKey.
There was a problem hiding this comment.
Having topLevelSite be a separate (optional) parameter addresses the second motivation "Removal of cookies associated with a topLevelSite".
This could be replaced by having the developer pass in a partitionKey that contains the toplevelSite and no value for hasCrossSiteAncestor, such aspartitionKey:{topLevelSite: "https/example.com"}. But I wanted to provide an easier option for developers who may not be as familiar with the intricacies of partitioned cookies.
Update case: `partitionKey : {}` to match `cookies.getAll`
Update requirements of details object.
Added more detailed description of host permissions impact on API call
Proposal introducing a new API cookies.removeAll()