Data Manager

From MozillaZine Knowledge Base
Jump to navigationJump to search

The Data Manager is built in to SeaMonkey 2.x and available as a Firefox add-on.

It lets you control the browser's behavior on a specific site or domain, and view/edit information stored for that site.

Tabs for site data

It has tabs that let you can view and delete a site's data with respect to:

Cookies
View and remove the cookies that a site has stored
Permissions
Edit or add new permissions controlling whether a site is allowed to:
  • Use XUL/XBL Markup
  • Set Cookies
  • Share Location
  • Load Images
  • Install Add-ons
  • Run Plugins
  • Offline Web Applications
  • Save Passwords
  • Activate Plugins
  • Open Popup Windows
  • Run Scripts
  • Load Stylesheets
Preferences
view and remove per-site preferences, such as browser zoom amount, the file system directory for uploaded/downloaded content, etc.
Passwords
view and remove the username + password combinations used to login to sites
Form Data
view and remove the values you entered for different form field names, for example many sites have a form field internally named email or AuthorEmail or ContactEmail. These appear in a drop-down in any form field with the same internal name to ease filling in.

Much of this data is set as you interact with sites in the browser, depending on how you respond to prompts such as "Allow this site to access your location", "Would you like to remember the password for username on the site xyz. The Data Manager lets you review it and remove it.

Opening the Data Manager

  • You open Data Manager from the menu item "Tools -> Data Manager".
  • You can enter about:data in the Location Bar
  • from "Edit -> Preferences -> Privacy & Security -> Cookies" you can click the [Cookie Manager] button.

Sites and domains

The Data Manager organizes settings by "extended toplevel domain". For example, you may have cookies or permissions just for the docs.google.com site and others that apply to the entire google.com domain. They all appear under "google.com" in the domain list, so don't search for the "docs.google.com", just search for the domain "google.com".

A domain is not necessarily a two-part name.suffix; for example, data for a UK site test.example.co.uk appears in the domain example.co.uk.

Note that "Form Data" is global, it is not remembered for particular sites.

Adding permissions for a site

It's easy to review existing data and permissions for a site. Adding a permission for a site that isn't in the list is less intuitive. One recipe is:

  1. choose All data types
  2. clear the "Search Domains" search box if you've searched
  3. in the Domain list, click the * at the top
  4. at the bottom of the main window (ignore the tabs at the top)
    1. click [Add]
    2. enter a site name (can be a partial domain instead of a specific site, e.g. google.com docs.google.com)
    3. choose the type of permission in the Select a type pop-up list
    4. click [Add]
  5. fill in the info for the permission,
  6. click [Add]

To verify the new permission is there, search for the second-level domain in the Domain list E.g. if you added a setting for foo.example.com, search for example.com. Then click the Permissions tab and review the permission.

Notes on security and data

In general it's safe to clear all' of this information. Web sites should be able to reconstruct their interaction with you. You can simply create a new profile to lose all the saved information.

The issue is whether you can remember all the information you have provided to the site.

Note that anyone with physical access to the computer running your browser can discover all this information whether or not Data Manager is installed. The browser is remembering it for you, Data Manager lets you review and delete it.

You may want to use a master password so that someone with access to your computer cannot simply start your browser and access your information.

Web sites ordinarily can't access the information the browser saves until it appears in the web page. For example a form on the site evilbadguys.com can't read your saved username and password for your bank, and can't read a private email that you only enter on certain sites' forms. However, sites often phish by "spoofing" the appearance of another site, and inevitably there are bugs in browsers that may leak this information. For maximum security you may want to use different profiles for different activities.