An interface to test for cookie permissions
setAccess
this method is called to block cookie access for the given URI. this
may result in other URIs being blocked as well (e.g., URIs which share
the same host name).
| aURI | the URI to block |
| aAccess | the new cookie access for the URI. |
canAccess
this method is called to test whether or not the given URI/channel may
access the cookie database, either to set or get cookies.
| aURI | the URI trying to access cookies |
| aChannel | the channel corresponding to aURI |
| one of the following nsCookieAccess values: ACCESS_DEFAULT, ACCESS_ALLOW, ACCESS_DENY, or ACCESS_ALLOW_FIRST_PARTY_ONLY |
canSetCookie
this method is called to test whether or not the given URI/channel may
set a specific cookie. this method is always preceded by a call to
canAccess. it may modify the isSession and expiry attributes of the
cookie via the aIsSession and aExpiry parameters, in order to limit
or extend the lifetime of the cookie. this is useful, for instance, to
downgrade a cookie to session-only if it fails to meet certain criteria.
| aURI | the URI trying to set the cookie |
| aChannel | the channel corresponding to aURI |
| aCookie | the cookie being added to the cookie database |
| aIsSession | when canSetCookie is invoked, this is the current isSession attribute of the cookie. canSetCookie may leave this value unchanged to preserve this attribute of the cookie. |
| aExpiry | when canSetCookie is invoked, this is the current expiry time of the cookie. canSetCookie may leave this value unchanged to preserve this attribute of the cookie. |
| true if the cookie can be set. |
nsCookieAccess values
additional values for nsCookieAccess which may not match
nsIPermissionManager. Keep 3-7 available to allow nsIPermissionManager to
add values without colliding. ACCESS_SESSION is not directly returned by
any methods on this interface.