Add ways to differentiate cookies in iOS 9 / OS X 10.11 Content Blockers

Originator:eivind.bohler
Number:rdar://22560711 Date Originated:03-Sep-2015
Status:Open Resolved:
Product:iOS Product Version:9.0
Classification:Feature (New) Reproducible:N/A
 
Summary:
I'd like my content blockers to be able to block tracking cookies, while letting the browser be able to log in to protected web sites, use shopping carts and  other things that are usually provided by session cookies. In addition, I'd like to have the ability to only accept Secure and/or HttpOnly cookies.

In other words, I'd like to be able to target specific cookies based on the existence (or lack of) specific keys.

I've attached an JSON file that illustrates an example blocking action that should block all cookies that:
1. Either has the keys "Expires" or "Max-Age", aka. a non-session cookie
2. Does not have both keys "Secure" and "HttpOnly".

Steps to Reproduce:
N/A

Expected Results:
N/A

Actual Results:
N/A

Version:
iOS 9, OS X 10.11

Notes:


Configuration:
Devices running iOS 9 or OS X 10.11

Attachments:
'example.json':
[
  {
    "action": {
      "type": "block-cookies",
      "cookie-keys": [
        {
          "if-contains": [
            "Expires",
            "Max-Age"
          ]
        },
        {
          "unless-contains": [
            "Secure"
          ]
        },
        {
          "unless-contains": [
            "HttpOnly"
          ]
        }
      ]
    },
    "trigger": {
      "url-filter": ".*"
    }
  }
]

Comments


Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!