This document captures practical next-step improvements identified from a review of the current implementation.
- Delete by exact cookie identity in background auto-cleanup by including
storeIdwhere available and ensuring URL construction is normalized for leading-dot domains. - Consider a fallback remove path for cookies that fail
chrome.cookies.removeon first attempt (alternate scheme/path normalization). - Add telemetry counters for remove failures vs successes to make debugging easier.
- ✅ Popup/manual delete path now uses cookie object details and propagates runtime errors to UI status feedback.
- ✅ Background auto-cleanup now tracks failed deletion attempts (
removedCookieFailedCount) and includesfailedCountin removal stats. - ✅ Added fallback remove attempts in background auto-cleanup (normalized domain + HTTPS retry) before marking a deletion as failed.
- ✅ Added retry-success telemetry (
removedCookieRetrySuccessCount) for background auto-cleanup retries. - ⏭️ Next: expose retry success rate in a dedicated diagnostics UI panel.
- Current auto-cleanup targets
hostnameand.hostnameonly; add optional mode to remove cookies for related subdomains encountered during the tab session. - Add a user setting for cleanup strictness:
- Conservative: current behavior
- Balanced: include first-party subdomains
- Aggressive: include third-party cookies set while tab was active
- Consolidate default supplier lists into a single shared source used by background and popup to avoid drift.
- Add structured validation/parsing for supplier patterns with clear error messaging:
**.domain.tldprefix.*- exact
domain.tld
- Surface the effective normalized pattern in UI after add.
- Show explicit toast/inline status for cookie save/delete success and errors (
chrome.runtime.lastError). - Add editable Domain and SameSite fields in edit/create mode for advanced workflows.
- Add a one-click duplicate cookie action in addition to edit/delete.
- Confirm destructive actions (bulk delete/import overwrite).
- Introduce a lightweight settings schema version in storage and run migrations explicitly per version.
- Add migration tests for:
- empty store
- partially configured store
- legacy store without new default suppliers
- ✅ Added
settingsVersionpersistence scaffold in background install flow. - ⏭️ Next: split migration steps into explicit versioned functions and add dedicated migration tests.
- Add a dedicated diagnostics tab in popup:
- recent auto-delete attempts (success/fail)
- matched supplier pattern for skipped deletions
- last rule handler run
- Include exportable debug bundle (sanitized JSON).
- Add focused unit tests for:
removeCookie(cookie)URL/detail construction (dot domains, path, secure, storeId)- edit-mode rename behavior (old cookie removed)
- supplier merge migration in
onInstalled
- Add a small integration-style test for popup edit flow:
- click Edit → form prefill → Save → list refresh
- Avoid
evalfor loading rules where feasible; prefer static imports or safe parsing pipeline. - Tighten import validation for cookie JSON (required fields, type checks, max limits).
- Add optional guardrails for sensitive domains (banking/government) to avoid accidental cookie operations.
- Debounce or coalesce repetitive script injections on rapid navigation events.
- Extract repeated helpers (URL normalization, pattern matching, storage keys) into shared utility modules.
- Document architectural boundaries and ownership of popup/background responsibilities.
- Per-site profiles: banner handling + cleanup policy + supplier exceptions.
- Scheduled cleanup windows (e.g., nightly) for non-approved domains.
- Optional cloud sync (where browser supports) for supplier and whitelist settings.