From 0a44d9d7b3058a02bda60421ad594724498a7ba2 Mon Sep 17 00:00:00 2001
From: "pinkerton%aol.net" <pinkerton%aol.net>
Date: Wed, 31 Mar 2004 01:51:59 +0000
Subject: [PATCH] add view/delete/sort of cookies to privacy panel. added
 "accept cookies only from sites i visit" pref. cleaned up layout and wording
 of panel. added ability to switch allow/deny on site white/blacklist inline.
 (bug 182540)

---
 .../English.lproj/Privacy.nib/classes.nib     |  26 +-
 .../English.lproj/Privacy.nib/info.nib        |   4 +-
 .../English.lproj/Privacy.nib/objects.nib     | Bin 6152 -> 10225 bytes
 camino/PreferencePanes/Privacy/PrivacyPane.h  |  71 ++-
 camino/PreferencePanes/Privacy/PrivacyPane.mm | 589 +++++++++++++-----
 camino/src/preferences/PreferenceManager.mm   |   6 +-
 6 files changed, 485 insertions(+), 211 deletions(-)

diff --git a/camino/PreferencePanes/Privacy/English.lproj/Privacy.nib/classes.nib b/camino/PreferencePanes/Privacy/English.lproj/Privacy.nib/classes.nib
index 24fa1f857d8..5c82bc0a320 100644
--- a/camino/PreferencePanes/Privacy/English.lproj/Privacy.nib/classes.nib
+++ b/camino/PreferencePanes/Privacy/English.lproj/Privacy.nib/classes.nib
@@ -1,6 +1,5 @@
 {
     IBClasses = (
-        {CLASS = ExtendedTableView; LANGUAGE = ObjC; SUPERCLASS = NSTableView; }, 
         {CLASS = FirstResponder; LANGUAGE = ObjC; SUPERCLASS = NSObject; }, 
         {
             CLASS = NSPreferencePane; 
@@ -15,26 +14,31 @@
         }, 
         {
             ACTIONS = {
-                clearCookies = id; 
                 clickAskAboutCookies = id; 
                 clickAutoFillPasswords = id; 
-                clickEnableCookies = id; 
+                clickCookieBehavior = id; 
                 clickStorePasswords = id; 
-                editCookieSites = id; 
-                editCookieSitesDone = id; 
+                editCookies = id; 
+                editCookiesDone = id; 
+                editPermissions = id; 
+                editPermissionsDone = id; 
                 launchKeychainAccess = id; 
-                removeCookieSite = id; 
+                removeAllCookiePermissions = id; 
+                removeAllCookies = id; 
+                removeCookiePermissions = id; 
+                removeCookies = id; 
             }; 
             CLASS = OrgMozillaChimeraPreferencePrivacy; 
             LANGUAGE = ObjC; 
             OUTLETS = {
                 mAskAboutCookies = NSButton; 
                 mAutoFillPasswords = NSButton; 
-                mCookieSitePanel = id; 
-                mCookiesEnabled = NSButton; 
-                mEditSitesButton = NSButton; 
-                mEditSitesText = NSTextField; 
-                mSiteTable = ExtendedTableView; 
+                mCookieBehavior = NSMatrix; 
+                mCookiesPanel = id; 
+                mCookiesTable = NSTableView; 
+                mPermissionColumn = NSTableColumn; 
+                mPermissionsPanel = id; 
+                mPermissionsTable = NSTableView; 
                 mStorePasswords = NSButton; 
             }; 
             SUPERCLASS = PreferencePaneBase; 
diff --git a/camino/PreferencePanes/Privacy/English.lproj/Privacy.nib/info.nib b/camino/PreferencePanes/Privacy/English.lproj/Privacy.nib/info.nib
index 3a89b4cd498..dc78b219f58 100644
--- a/camino/PreferencePanes/Privacy/English.lproj/Privacy.nib/info.nib
+++ b/camino/PreferencePanes/Privacy/English.lproj/Privacy.nib/info.nib
@@ -3,12 +3,12 @@
 <plist version="1.0">
 <dict>
 	<key>IBDocumentLocation</key>
-	<string>133 69 356 240 0 0 1280 832 </string>
+	<string>220 75 356 240 0 0 1280 832 </string>
 	<key>IBFramework Version</key>
 	<string>362.0</string>
 	<key>IBOpenObjects</key>
 	<array>
-		<integer>287</integer>
+		<integer>5</integer>
 	</array>
 	<key>IBSystem Version</key>
 	<string>7D24</string>
diff --git a/camino/PreferencePanes/Privacy/English.lproj/Privacy.nib/objects.nib b/camino/PreferencePanes/Privacy/English.lproj/Privacy.nib/objects.nib
index ea54c9fbbe107fa811848fc08926b5567ad780d0..a61ecd48b8a8e2f4ab253bd67a5d736945552f5d 100644
GIT binary patch
literal 10225
zcmbVS3v?7!n!Z&@2M7TYBt{g6l7}EN*#X8qOb%)YPR7R)f`ReCI0ri26;jaY?$ZxK
zc4WsJs%wtNb9Q!Gs6$4@2xdhFF$~Ha_aQEzC_92OC@YE<2&jO7FHl5!zyDTsb#(~H
zZuP0ETlew*|NWo${<jPJC)%QFFrJ91{uW;Fi7r*^x<0V3;jWq)jSJO4;tqep&zYs`
zed`+R8kS1iU8W`DiAalGdDC)TuBM^r){uy4;RVuiUAlS1jM#$dk$==eA^)^ytwoLb
z>tkw@8dJjowLYdT_6ORGl%Y#nrHQd6bqzJiL?RNNriMbdi|?s{gl2!2>3UIJ1GP*A
zE=_CKr3;Mdh1Iz9l`Dr$4FuF^LJ347i!?Q^G{qt<ia*?@#I=NK05}HMM#72m<sGAR
z->)Y9ec;zcjInERU&ye3U`ZBW8VfQ%`vr^P8Ae$Je5q-GE(O?XX*FA2Xrxj=T?GyZ
z9$>E1{g~{M+jPAjXao3IBy^L&^-E1{MX7&X!@X)e8VLv07+ap!*Q8S&OfMm#o1DvL
z=JaI3-xyM-#$x_9rt5v`8tmfojzPq3z?r2kNz`g;C^&R=x~qe&P2swpOH(*oU&a_c
z(_NqoKfO>31ge<?IQk&ZKw{o)k3QaB2+p;$YQ|Q9as6xBl%U$=Plggz#;R0mjhNjt
zdO@JNngD>3X^~I_)UPhm3v6Z=HMGSOYKwv4B>{WZqK~0Jx4J-=o0^v0K5pHgB!j+-
zy1UV>)agc($aUSw(8mD5QdP>JY5Jf6ktO5ShzaUXcSyvs&CX<HnM+?tm@1y>&Gu9c
zh$M9fmr`6h<D;fCK9>u9nwqMs1AzdfxZa+$m~a6w<R+Thz+57)N`Sf=e_+vqSR@$^
zdgzou=O!c7pRqI%y3Qj2_9B;+VL**%7WI1Ky@S(bG-t0hKo^y$8f($w@kltXgw%x6
z7D+1pP^-T!j#ntsszhRt2NX9?ljBh}pfza$q0aH~N=#kgj|D?&Jg!8V2nG!jLIjw`
z$YQlpnU#!%l}K1gG^@&psqsZhquLaSsfu413M^Dn{efl&%?KqDB}-Eh5ha>T*l1|9
z0PT=W?IA6ms5JB^I!1L~iTym;A9h2wQvyNRs<mYU+pq~j|FbP}7?ExCET`67iVx@P
z4TaSD4JD7Oe{|HhFASH|cgT#W8dmO6+XBsgEv%3ih{to{-KO`8$2ARVTU`wS43*lA
z_Ua7AG4cs84#(~spGEblRVnDCzTK7ak2pKZ*|EVy&9T9~Q6nf(eu&38s&;NBTIBXS
zr_9Xk*a1RHVPwLa!dXC;0rjTkCWwUX-PPh>0ROdeB{|ksEfHvjRq6UwS+0rp1~H}p
z{w1%Um`6@m%eeHr$#4~uT}RQYp7xn$yU-lDd%Y6#@MSD#2L)FSUYaYz8xo{+QGYz%
z8i@tt3WP)&xyX@N4$Hngro8c159;CSX2ZtD2}>K7CxweG?W8jY#Sh%^78sTi)l{ek
zS&J5i9klpub#L}V*&{8g(yBH(T92rPQCZy&L|R}FY77R|time&VHlE<jH^Mim6+P1
zwlu0S$4=bf7FSxEp_gRbF*QM!h|Ye2V7$@@1M`RC5v8$B@dp>Hv4j>^V{z(|h{65X
zz!qx=U7|7@#)ziYW(`IQ4tj=G8e6l*wcjhMzvQ{m10FZ}p>U%gO6db0H+o-`OCJd*
z`jP8IpZ_7}`5zv)m{W~$gE{-XP>tVTS~aekn#7EousF!6M@}6M{eU`DU$HXmx;I})
zmr_M67lI_%JpB}M1D&KV0q9YiO>kUW5dJY#nKTJX1@Ei*Ly-j#yOwBH7W+d<=vp+U
zF4iK+I0nW2i`8JIG6(uV8l(m_;rU~(9oPfOGJ5zj#UG7^fSS~`vKUuR*hf6V?({~b
zvREzby!P^TUR<ALL~)MmpLjreTp%1WXAfPWOTOmkG&>RN>g`wu(&Lqtl{qxWg>Y?W
zyhDGzH?K=5rHNOF@@g9;8E#N<Y(Ed-sooLN>Otzq<pwUTC&xl>+aeI>9eWwa*?BIN
zR-qkFuj5JSgGXw(s;a7JEoVoWM;R-S02ZAG7s~B-tc3+V-BFP4Nb64Q647F8kM(LK
zOsYkTR$8#eh360+Krl_BbzP^J1GA%s%`|-vx%>fGWcq_z#Ezp_5+Qtfah2TRSx*Rf
zvI9^0mwOy|JM>-V?p|P>g&W@R(yBaoK7lPK&D3UY1DZTDgB7w^Gm5xWxjdah?6+3{
z^tQ{i9uU8cg9qzU9G|rILkz6Z5-t9y7<#W7#frb!34rvqyo3Ap=zV@Q;io_QN#NJh
zr!#~C-!)hUT<$7BqxZgC-=1wWZc15M*~4STjCuX$n{PgS%PqH@9yxO4>%)c(d$?b}
zep4LSJ;!;!edXol$@=<wYwg;#nfKm%FZ1oU-)7F8JD1tNe}87(x^<aZvu0VthYwF;
z5L|Dsmv89Mp>4@z^6a*4+cM|RpU?Dm?cKXK^S}cSoE<%SbXza53NVk_g$oxRec^={
zGM|0+S?0op3-0~>_upr-_t~>&GuyXs&$PC-9tGZ7z#=|mui~1TnkS!q_Swv<ufCc&
ze*Admi!Z*&eEs#;;{Ni>FU6bcPM$oO*|TR)=DFvd%iMkU-A@8QaTW;P6-$;ZIk08R
zmdx(myE6w49LO9yb}V!1)G2YFK7CryNOT@LbSSfH*RISfue?I@J3wO{I7HW|r=EK1
z8)|>|-FGvVWr_YrjvUDxJ$f|r@y8!$s7x?E_}~M<^EcmoGqZmE`fq3~?yPQ9c6WE5
zd*_{ZM8Cs_4`)98^iwgv6DLl%Wr9a-gop5L+O+8$U{reHJpTCOC#aq9(wvA7G#|P@
z|NL|DraEdP8V?>knCa-~IMD;nsBk#En_v(f#24b}nKNgE?vM_Voamcik{pPxMT-{g
z2Au4?P-GSGf{$$7y7e5*gXBYFy|SnBci(*{<VG}7-|^$eKSE;(fOC=Trp=o-Zx8TX
z$inDN4@o~UuM5<d#^CnKo%l^~)yBrg_n{x(_XdON-hTV-?}NeM`_$JNLu0)c*~@U;
z>ZD1Nwm$gagQuZS=SgSirZUx08})JeUed<UPIM8yt+=1Sy~(+$Om);oeJ%w9P2wUt
zY0lJ_WI_5tH<hW5+Ir3fRhPY}zxTd$=K)ySQBR3s{Uu4BvMkDln83eD1x`IWOGQpu
zM!Afk9b*~mE0sI-sF5nN^}bT+TEPMI@okl^bIUuWVIG)cJuvUh)eExwGW%D2{z1mZ
zlrraypoQ$gM#iu=G!S+~9PTi@LGMfo^_}K{F7s3uC5#X<?$g4-Nb4-MB^vT4R4#q9
zTpyrmxo{lli>$$9E{)^zFfP@$N0%TTBW)oT4B4FyDzMe6_lMPxfxucw$s5DY)vQJE
zE~MRHaYy?NAYY_ixU{Y$s4x~((#7_2LF}a5z3F6oZ(4XqB&_DbWJ%r{WaUa}fRVyR
zdKl7C6DQm0s3E|Bbkv>D*AQEbX97v70P{aN00C2kO$2u^O60~G0?0Onh*r)Htsw#j
zgP}yQk9r_>P77&KYOh+8F6(G#FWaq1s@Mr7N;pyTt*g^RoW%|;az5hh?d&@}Bsag5
z-XFVYN~$zfRcU}xhTIatxKs5by+x3Qtx4<U`M8FPH5P%TEES&VGJqUPx9$`988`oO
zwUZ?3nS%MVk%9^um;ucXYb$(u;9X~vn699W@ql@huZo3jdYC=&>@Y4JW~Csb)FuLp
zAOqYgB7R^ECFX*pPqHP9bY@>l&=Gy49QUb>v@A1%#grrMIdjUZ4WmscM@Ev85^jHY
zUuLJ73N|jgZQZ&jq+DKXP_y7&E-m%~w)X%vWWt4NwkqY0uh_s|+GI!!lT7O){~I_8
z>-;UMQ7;I((Uab?>)nCg{8oP(nVr{q$++nfn564_V5;{gnvE$JV-odVOh36&kVOq@
zAQ@AQ8!rNyZTWwJ?ep^`Q7xv%dtr;)bQ!=9EHXmKc&oJ{L4aMqox*iL8Kt>NBl?YQ
zR7MBKE2HNa$Qap)t%?mjIp_N&Z3K;FHSfGpzpTdh$4=57udtjBm!T=UvG)Ks3gnku
zo9VY8rg<}!%Wh|6E5^W7s(pVo<tyoD2qQ!SD9^UZ5G&|@?RsHgj@PjLiW=kWZ>xnZ
zd(5Y7kZ=z46m|^Q*f=3&T&5Q^HC3@?xBuqrpXnv@f{`qgDq8A8X=mhtk|?JpeKbfI
z@}M4|-U67V>iIq7@r?9!>ET5EkSSdHinB8`g5JXOl6R_0*TYMpm+lj8zqq)xw0%2>
z0#f0&N1-gdMxvxiVXW!$PP-V{0_0DXsi9ELb<fOm-D1C5Djab>f`M0ppvXp$13tTV
z;6h}Q9kwuO5xz*4^fOYDUP!Y=gOBlo>ebRlh=ena4VS!e*>8WFIVm2-3iHDQ=A;S}
ztmqNY=Jp=Y=GqvpB%s}&N4Oo(Y_<$e1G*;~m8a+D#h+`^jrjrRuuuff4yPM)_*1Xy
z*HS#m8>?OvPv&EUO1GoNmx>cjHso~B&=mpmK}Rn<VS!)~e-RdB$I-gZoJ&i`W)1j?
zJ$>&UF_?Ad!K^zkYDoAK$vAw)me(dMt9kgf2}^{h$Ra9+K1N#qj&}071Q48i7zji>
zs*glxM{~z#T%I7#@usWc<Xt$cp%}&49$KPIrPCiQ_B`PwD0cA3$H>*0)DBve{2$Z%
zaDpbb{smgK)_yDO4K(4vjgWKp*X1~n!pec|09Vn`$QbZTL4*9*J(u=VIh7!x1nGAD
z)Qq0;Bfo?J^h`T4wEfb2;Y{jo+~c|-(x$BBAA5|mlQ`9(XK&;7KIS-~rgU?!PKd09
zH1;>?2k=I(zX|uFg9S!<4mltg!YF*@JD|%MS+5RgX`ZRM4(PHz!h_g#OqWA^kz<<U
zK`Qc1cG8JVe6D$<%Zvuil45gwg;`N%mKB?|73Sm$b4!<b|6H?6FZ!>6GG~u)>7VSh
zT6X1KWUttrBaQ4wcG2CHlJ<Ii8ZvSh`!sWQvH3}td8o@Q_L=kNnhS$w&8;S9sTJmk
z3Ntw0Jl<t)?lKcmb8nY9v)Fubv)S2Ye%op8?=p9GnR7uK?FvS~?(=sA<-KMuiPVd?
z2XlK+n)SZSFrVoHF%PXUw{@9cb(%}(n)|xUTPr$7m<Irf&buN@CQO=On5SqVkv+(n
zXqY~H7l~a68b73ux&~TR8|EBuPc$CExA$as!o&%vjiMGu_nvhuDoar5p0OEb1wQF8
zIlJ~Z%rewq^_$yGV9*u^QufGs0)f9jAJR@6lI?PSIsx?0MvZqqpWxd|<wQZ{A=Cn2
zcANmc->!3yxCz|~)Roj~A$3e#nbC>`y<yI`yXBDzv7<JtRptl>63x$E%Nu48b@_8X
zjvDNbY#Js4*=AHg#v~a`WMMBrI#Gwo*$4g@G1LCGLE!sEe7o}6>j22|k5D{=I{d@I
zog?sULzPE1P#RSD?0u-Y6lE_r_u1pKd;>^YuK{BA2vbeK?cxNz0R{Z|;x1YMJ>4;q
zdJU;-sM8u}BojDs#@`ge_+v)|>$}||M4-j3D_h>Z!sck7d97k=P1{Y*o~LS}uB^qA
z)3+(jb|BRn(BkZ=g@U<bNdkEz^P5TW-H|R(T`w18gE;zMg-avo=In*;nWP|PIDo@y
z4Z+dDTV>;XxqCJ>544+mw#}ioYrJiqNx2Y~Qm^ZJAn2{*{nT-Yic=3yEA9PVP$kr(
zlzKR%cv_$DuAtW9ApU7%ALM4)ChGeJ)esK*vH5iP9E2p^@RWCF`A_EWWwN9GPV;fn
zpZ;NJBo3H_S8*ElkwNy>aER2iw}usD`lT&6@1EKiNoJ>%rEdkn8{9&Nd$8V+d&=at
zlO+vu^rS{@_T!8!<~9<QgIdI)agUKNcb_6Ym3X-5^7pvQUylUb)@{^U9`Yx{f#&S#
zn*B!sr_1x*ox+>-!kwL`IQ!J$)T!gS^0v-g83sdhD%ZkV0>^;0S}dM$|Mg?f?B(uG
zB4S7YM|q2E9mr1IC3B}BQ}pP;TDQx-9FTk#xjhb1j|v+|PYIwCvT7ao>T<PqKbLN>
zIQyK-H(T4d+}E1Tr7r7ME<KLgPq;kV+RNn<lr1jbU}5L@7|Ji=c+5gFZ57J@!{zHO
zoESf29pG}QmB6kHwOhDkS+!hRW6eR5%-YQ5BCC_jSE1=mE}gbYxbz6hUvhc8h4}lZ
zHHk~BQSlmLF<!^Ge4|yvr6*8+i%Xy5b%@I&@cMTyJ!^rka%(4-`=Me#mw#kcaOp{u
zk8^npUR$|z5U)L4`qJ`o=?~U?F8wPiPH=gw^%a+ktss}yqT*{V{}`{GTsnf+XI#F?
zS|Oo?<-kb1{=%iPc%^*Shg|ND(tmPkkF}Ibf3iSL87kiA@^I@JF8i#RTzbkX=F&f-
zb~~32;RVJGweYW?A=W-F5428kxx)IE%h#akuUtB59pUm|lu<v<>frJK3*=voilbZ}
zh1Ul-*v9J}EKTrwh)csQ%yp2}RfNw?*IMJb)QQro*gjixxujSNx%9NPh0A?VyNgSw
d0JE|KM{2OqyK1II0ug_047now{bG?}{4dR#4k-Wt

literal 6152
zcma)ATWlQF89v9CIJVcZ*SWNiG)y4PwS+pPD7ciY<B$>+oRp=F5JJ&pc5F|xyR)5{
zwPR=t$C;gnqV{2xjN+D-tBGQ)iilbkO`#EafKXA==>-s?Da}KpDoaEjBGRTwzyHka
z#SVe4<=LHc{r>O2p3~6kjO6r`?O3{+5%p(Wo^V}vUSD$C=Iy(`r)$m@)lmieyX(&F
zONK41Pz;Ck=55E!gpI5ByLAbgieX8|GO`1FzsuL&xZN7K*L>JWr`6s;BcogD4omOX
zEj_F0J1k>J)keI6=W=6-kGXAq$@|saX}#A>=QCL>IXBVY-=9cmntSlzoTQ^VdE48!
z`SCZp<b&Y4ZakWFx2~pit5;8_m$+^_8uh)-RzpvxsOe7EjrApaG{-Qr^d5KJIekg`
z)dS#$G1?$5Gv+oV@WEa!J?XSLe9IO+JK|vr4BcvGorU|ymb;A)-g=w%&>Y6t_4vPh
zh26vQOk)O1F_nFjS$JmgTgPg=zt!a$8|UL}JmwV&*r*%i;m@tt5($Qtn*hR0n-<$Y
zUhmfR_wT!NV&X~ex#Qz=-1-p9oaBh@=ot^N+6SeKB$=E=<LVDH?s=a3%cn*cbX`uc
zrwi`0W6PiYe*iw$24DoP0pOmO$N&kt?@g<=og7wkIo(=AioFS&$M4$f=-HH>k}CSH
zp$~(a)`)z1{f6r{lQ>z&GSjOiYt)Qi7<Hd+=S<9oq+~rUw26_U{_Z2x0PQ3-%u7>~
zVE;hlkz!$txiL}+tU!K3c=zTVvXUOlQb#}{I1GR8A8VwgV1b+Sj$>xoi^b`&(PdE6
zO9gxczcZFn7)vR|X;K2z&|qj<f^pIW0EDy1C^kL$)Mx|0%tq&KWbA1O->}8Z>fQ@w
znvS~7wrv;$Eg{$&*YQzrG;syv7^#W3d8C9Tu$A>2Lt9x8+RELqi!>X;(}BfkOs%MZ
z!416PRMGt{VQ#KsUMbjHj{x-}71YxN_|;he=iH}f%%K{H$6u}iCLJQ8E%Hu@^>qL)
zyhb~N0n%mJXRedf#mX?^g7;W)#;kamItc<cCs|^Nkfr!tDZ^2EO>>W-D@nuA?J8v_
z4l%Ooi9;YLriDgQW5oM5t(kZMhFlrb5sj%D`(eN=xV*anv~LniEme5zzk>ht4#w#D
znGgm0=RF4eDW&Yz;o^#F>59HLmo_vYPwARrBSP59h?!S1h$o7r52#iO;Y=AG)SW@y
zQZy-^t=NNRKAlq3^sqW&V>Lz9G(ATvuNoeN>}k2pYQ?l_#-#MDK_hmjRc%jsM89Qb
zl$>fghL%sOmNKmGwu!uT%Kd}7t=GUJv_@9Z`}+}@2~k!bs(~bh$&zoR*0p%gl&v*5
z#NIjy?p}eS;Rl=x{-WRy5nJ>f`a-ebjg59b248Vsh9A8Yd1>gBx+U13UMx<HjWQY`
zy@{QRw+i+)WAudON{^a`N(#j(x4yr>o9)~5!@d=6Y*)%GuhNZRqd<M{%vkD)Cj|Sb
z6>#vJwb1Wqkv~6i3}K4q{aVgD7J}piac1<V;IZUL@x2<Ha#@%z7LOO-i)5V)iI9y^
z7YXn_{kx5naI}gcE{Y6sGc-0}nfYugG~2hm0z>E}5N*3C?paygA^_~j4Cw?r$6^2w
zi<f1Sn=e=(*nb53khZ69X|*o_z+a2+g8lc3r`$%0c}7di{Q09Uc!hpgMf6Fj$vC8v
zItahz29sE0^0f~nILuHYeMvEE$I@Q-BS$W{tun|W&~|ql@1KGN)D_*I{T!~^v@<kD
zPq1fJQNsNNe4cV8Ma4>I#ncLi*mKX<CZkHooRt1wf0%Rcq{mrt(kqU6^>t?|JU0(m
zMno;z>JRVR1ep;L;)TNKYYE0exZWXl=A?(WNpI2*rv0gDAHg8Z6=b>dC^nSFLL0qN
zu(P5rz7(?KSu9m0rgS+YbRnTq)Ustjurq2pt>g?{Lxb55m+LpJj7r6W;tZ;eVw)MA
z+*FZ%s;KrJ#W59BL-0?GS*2!EN?LW`nwE}Y2u`Yyldq<@LJ=gB%cFB$)kV)$U6fKl
zSpdO*EZCcZO+t(GoFPIb1%M~g#)96oj_8pj6saf**9746H3{LED<l64GV)jXLYVK^
z2vgk{pRv(wu9_mQs=@t2EqvE)L@qV=t~ny*fKuS8M~W9CrPS34UgD4k&*H^Mt7OgF
z1fM7P$BoqWabp>Q+Z0xS8Vafih?KS-J5&L{?ka{f-$53e?X72Eb(auh5ax<!Ybjo}
z3eML_^nTb`-m^Bt%FS+&q#{P!_ONNCYzo3i2Ff0NL>p9%Y!wKXEZ2?ReaE-296MG(
zaF|~%EVgCT0X+!=(DZr~K?e^~sXS~r+8_b~rQm<h;H#;IuTzq*Q@q$z!`IH7;HM>9
zrz>o|{&_52Iq5Y=G}PGH?VW;sB1!n<+9b^H$-~I|QOj3}s0tpNDR{#y(^{Djb&J-3
zW;|!mJlnVg`vXcDJ+m9mBfaICq$}iQdF01hO^_d|z)9Y!!HY*iz_u}vy%|a)KZZ+N
zO3F~v=76n$|3PI)P3Ph1IZGch%)E_BwmO6ysyu))KvR)$sjiV|${G(R($3$CY(VKj
z{<jf8a#T&oV6m<RpQ@9$*Lq2<lRtigU{lh?r#{EUx99Zi>>aB*=)9JTS2ybt>`7w@
zW5$vhTByX5?l6|L$x2R^aO>99#HmGB??9FAZ|Jyj%^J5gI%b45ZjIU9gsQ@U**VuX
zx_NiWdZt`;Rb^fLY4%o?bAw>72sSQldi>hUFYH0+R(G3uN6}SnFxsZN%hFHVr5Z2=
zds?uc2yT*P<2i#<SoU%{LzJsy!6tC#(e@}+Zpm5^K(Yh1MIP)dtUW_qQGpp&msE&W
z3rbXzBh*qZNo66aXB`7+=rbxv_)O|^ipLtOT~@VPS#vatx}@M=BUh&HFd$L&80Or#
zwG|m;>t|<>mL26t+EV5EY;~g&-3D~@C3hOxlsSCAp2<-*75tO^Zku7qvWSje39Y40
zuy+N&DXe5ib9)j0aD1;aOy@Bi5O=6qJ?$auHBg1-O&7S^K+8aiMkeYL<NUB-e-TU+
z3*&W%_dWXPm5=1ZJK#5!{8-69SMo1i^iNFt%S!&Dl7DpCUtID}Px_rD|6<AK0KD?e
zc>wcA!CwuDDTA343PC^+@XIe{B&7oXeJu!Z`e`7}m;A{oe`(1-KJAy*`t2pZxyip!
z@~2mfE%wK-G*0a`S0`PbKZQozr&JHsXgiCx+MAK}>$}jp0<Dc9LH+^!j%_v4`bt~b
zK8%9a^PA8_M{09#*R2>G!z<Pe&&nIR@bUa}VO!<&NNtzUhI<o9w|@dJIAB)>toQt7
zvzjnv5t?v=5H5`&NAX@c%zOUg+U^aWe;V&IZ;U*@bLNzbc!l-}JJ#cPs~qz;bgjph
zYtd9zkbfR8mHp8<iTBzI4$ohT7F=DFh4=j9v!=A;y_R8Yf`yvVTH)dXUI=#is7){e
zwAJ#{C65(oDWBPO2X_=GtCIMEd$ny01703mLWhq9eaSv!_x8M#)=|V}vp5-=IIg`d
zZ*tI6X^ZclI6(3??HZPD6`uMR%IO$Hw>Firn7?D<JXu4VMpb20@paRj?Gv1gpfw8#
zko=^EW%B_dxIH6lrHX@xGY-&<&J0x$u&(rs-sA+QjTUGW9A{3J`z0r0)c*z9f7J@n
zkWL!1Fs<gZ+F&^&hY2~t93#{C6wGA(9hp!*%6Fk7K%V5pB3iS9a(}hkj`lk$A<ycg
zOQNX%IQ7RZc_~w!9buWI&XyEzR>N{I;)v|6B|{*jD~GL9WMWt2K7KSOIX^lXexE1j
zxq8?l?u4qL?v4z_MVZt?3y$_B$7+u#u)}<tin_?)J2FU;J(MFOE1<sQ#9|U+zEny$
zC+dv|SW4XsL!Hf>9+7Z>BEY;VByxywS4q#@l%B@ji=&5aE2d~UBWpM)+_oB)?Nn|Q
zar=pz!rO68X<QWSZ$Xpbv7l4%F9tsl{2PHKcvo;%@RlGW_|3sC!LJJ*6nuWLNboNO
zQ-a?ZEEBvt*em$g16%O*fg$+XAP_te>=Zm6EEW9rK(JB4HwTk~e>u1y*arc!(dwXC
z@V4MS!TuGj5d4N<44EkS5$+j-(}FJ#Ou=snRKc$g9uj;(a9*(Yg9AM1yFOUk7@QD%
zQ*cSJQ$f4n?Llcy@UY-_1bYPkN{|=)*5CobJA-qAy@S17!Fz+_g0Bd0chedy7JOqc
zB=~JX3}>cbK=3uewBSnc9UR~={4reD1>YC^tHDvhmj#;Os{n1w822ZCRRoV6+cx)_
QnyGHJ)QpY;%^uJDAMts<B>(^b

diff --git a/camino/PreferencePanes/Privacy/PrivacyPane.h b/camino/PreferencePanes/Privacy/PrivacyPane.h
index 8b478d6478c..79c6de3a281 100644
--- a/camino/PreferencePanes/Privacy/PrivacyPane.h
+++ b/camino/PreferencePanes/Privacy/PrivacyPane.h
@@ -6,47 +6,66 @@
 
 class nsIPref;
 class nsIPermissionManager;
-class nsISimpleEnumerator;
 class nsIPermission;
+class nsICookieManager;
+class nsICookie;
 
 @interface OrgMozillaChimeraPreferencePrivacy : PreferencePaneBase
 {
-  IBOutlet NSButton* mCookiesEnabled;
+  // pane
+  IBOutlet NSMatrix* mCookieBehavior;
   IBOutlet NSButton* mAskAboutCookies;
-  IBOutlet id mCookieSitePanel;
-  IBOutlet NSButton* mEditSitesButton;
-  IBOutlet NSTextField* mEditSitesText;
   
   IBOutlet NSButton* mStorePasswords;
   IBOutlet NSButton* mAutoFillPasswords;
   
-  IBOutlet ExtendedTableView* mSiteTable;
-  nsIPermissionManager* mManager;         // STRONG (should be nsCOMPtr)  
-  nsCOMArray<nsIPermission>* mCachedPermissions;	// parallel list of permissions for speed
+  // permission sheet
+  IBOutlet id mPermissionsPanel;
+  IBOutlet NSTableView* mPermissionsTable;
+  IBOutlet NSTableColumn* mPermissionColumn;
+  nsIPermissionManager* mPermissionManager;        // STRONG (should be nsCOMPtr)
+  nsCOMArray<nsIPermission>* mCachedPermissions;   // parallel list for speed, STRONG
+      
+  // cookie sheet
+  IBOutlet id mCookiesPanel;
+  IBOutlet NSTableView* mCookiesTable;
+  nsICookieManager* mCookieManager;
+  nsCOMArray<nsICookie>* mCachedCookies;
 }
 
--(IBAction) clearCookies:(id)aSender;
--(IBAction) editCookieSites:(id)aSender;
--(IBAction) editCookieSitesDone:(id)aSender;
--(IBAction) removeCookieSite:(id)aSender;
-- (void) editCookieSitesSheetDidEnd:(NSWindow *)sheet returnCode:(int)returnCode contextInfo:(void  *)contextInfo;
-
-// data source informal protocol (NSTableDataSource)
-- (int)numberOfRowsInTableView:(NSTableView *)aTableView;
-- (id)tableView:(NSTableView *)aTableView objectValueForTableColumn:(NSTableColumn *)aTableColumn row:(int)rowIndex;
-
-// NSTableView delegate methods
-- (void)tableView:(NSTableView *)aTableView didClickTableColumn:(NSTableColumn *)aTableColumn;
-
--(IBAction) clickEnableCookies:(id)sender;
+// main panel button actions
+-(IBAction) clickCookieBehavior:(id)aSender;
 -(IBAction) clickAskAboutCookies:(id)sender;
-
 -(IBAction) clickStorePasswords:(id)sender;
 -(IBAction) clickAutoFillPasswords:(id)sender;
 -(IBAction) launchKeychainAccess:(id)sender;
 
-// helpers going between the enable cookie checkbox and the mozilla pref
--(BOOL)mapCookiePrefToCheckbox:(int)inCookiePref;
--(int)mapCookieCheckboxToPref:(BOOL)inCheckboxValue;
+// cookie editing functions
+-(void) populateCookieCache;
+-(IBAction) editCookies:(id)aSender;
+-(IBAction) editCookiesDone:(id)aSender;
+-(IBAction) removeCookies:(id)aSender;
+-(IBAction) removeAllCookies:(id)aSender;
+
+// permission editing functions
+-(void) populatePermissionCache;
+-(IBAction) editPermissions:(id)aSender;
+-(IBAction) editPermissionsDone:(id)aSender;
+-(IBAction) removeCookiePermissions:(id)aSender;
+-(IBAction) removeAllCookiePermissions:(id)aSender;
+
+-(void) mapCookiePrefToGUI:(int)pref;
+
+// data source informal protocol (NSTableDataSource)
+- (int)numberOfRowsInTableView:(NSTableView *)aTableView;
+- (id)tableView:(NSTableView *)aTableView objectValueForTableColumn:(NSTableColumn *)aTableColumn row:(int)rowIndex;
+- (void)tableView:(NSTableView *)aTableView setObjectValue:anObject forTableColumn:(NSTableColumn *)aTableColumn  row:(int)rowIndex;
+
+// NSTableView delegate methods
+- (void) tableView:(NSTableView *)aTableView didClickTableColumn:(NSTableColumn *)aTableColumn;
+
+// sorting support methods
+-(void) sortCookiesByColumn:(NSTableColumn *)aTableColumn;
+-(void) sortPermissionsByColumn:(NSTableColumn *)aTableColumn;
 
 @end
diff --git a/camino/PreferencePanes/Privacy/PrivacyPane.mm b/camino/PreferencePanes/Privacy/PrivacyPane.mm
index 3b6d322c247..2ca77a08a6b 100644
--- a/camino/PreferencePanes/Privacy/PrivacyPane.mm
+++ b/camino/PreferencePanes/Privacy/PrivacyPane.mm
@@ -1,13 +1,17 @@
 #import "PrivacyPane.h"
+#import "NSString+Utils.h"
 
 #include "nsCOMPtr.h"
 #include "nsIServiceManagerUtils.h"
 #include "nsIPref.h"
 #include "nsNetCID.h"
+#include "nsICookie.h"
 #include "nsICookieManager.h"
 #include "nsIPermissionManager.h"
 #include "nsISimpleEnumerator.h"
 #include "nsIPermission.h"
+#include "nsIURI.h"
+#include "nsNetUtil.h"
 #include "nsString.h"
 
 
@@ -16,20 +20,26 @@ static const char* const gUseKeychainPref = "chimera.store_passwords_with_keycha
 static const char* const gAutoFillEnabledPref = "chimera.keychain_passwords_autofill";
 
 // network.cookie.cookieBehavior settings
-const int kEnableAllCookies = 0;
-const int kDisableAllCookies = 2;
+// these are the defaults, overriden by whitelist/blacklist
+const int kAcceptAllCookies = 0;
+const int kAcceptCookiesFromOriginatingServer = 1;
+const int kDenyAllCookies = 2;
 
 // network.cookie.lifetimePolicy settings
 const int kAcceptCookiesNormally = 0;
 const int kWarnAboutCookies = 1;
 
+// popup indices
+const int kAllowIndex = 0;
+const int kDenyIndex = 1;
+
 // callbacks for sorting the permission list
-PR_STATIC_CALLBACK(int) compareHosts(nsIPermission* aPerm1, nsIPermission* aPerm2, void* aData)
+PR_STATIC_CALLBACK(int) comparePermHosts(nsIPermission* aPerm1, nsIPermission* aPerm2, void* aData)
 {
   nsCAutoString host1;
-  NS_CONST_CAST(nsIPermission*, aPerm1)->GetHost(host1);
+  aPerm1->GetHost(host1);
   nsCAutoString host2;
-  NS_CONST_CAST(nsIPermission*, aPerm2)->GetHost(host2);
+  aPerm2->GetHost(host2);
   
   return Compare(host1, host2);
 }
@@ -37,68 +47,93 @@ PR_STATIC_CALLBACK(int) compareHosts(nsIPermission* aPerm1, nsIPermission* aPerm
 PR_STATIC_CALLBACK(int) compareCapabilities(nsIPermission* aPerm1, nsIPermission* aPerm2, void* aData)
 {
   PRUint32 cap1 = 0;
-  NS_CONST_CAST(nsIPermission*, aPerm1)->GetCapability(&cap1);
+  aPerm1->GetCapability(&cap1);
   PRUint32 cap2 = 0;
-  NS_CONST_CAST(nsIPermission*, aPerm2)->GetCapability(&cap2);
+  aPerm2->GetCapability(&cap2);
   
   if(cap1 == cap2)
-    return compareHosts(aPerm1, aPerm2, aData);
+    return comparePermHosts(aPerm1, aPerm2, aData);
   
   return (cap1 < cap2) ? -1 : 1;
 }
 
+PR_STATIC_CALLBACK(int) compareCookieHosts(nsICookie* aCookie1, nsICookie* aCookie2, void* aData)
+{
+  nsCAutoString host1;
+  aCookie1->GetHost(host1);
+  nsCAutoString host2;
+  aCookie2->GetHost(host2);
+  return Compare(host1, host2);
+}
+
+PR_STATIC_CALLBACK(int) compareNames(nsICookie* aCookie1, nsICookie* aCookie2, void* aData)
+{
+  nsCAutoString name1;
+  aCookie1->GetName(name1);
+  nsCAutoString name2;
+  aCookie2->GetName(name2);
+  return Compare(name1, name2);
+}
+
+PR_STATIC_CALLBACK(int) comparePaths(nsICookie* aCookie1, nsICookie* aCookie2, void* aData)
+{
+  nsCAutoString path1;
+  aCookie1->GetPath(path1);
+  nsCAutoString path2;
+  aCookie2->GetPath(path2);
+  return Compare(path1, path2);
+}
+
+PR_STATIC_CALLBACK(int) compareSecures(nsICookie* aCookie1, nsICookie* aCookie2, void* aData)
+{
+  PRBool secure1;
+  aCookie1->GetIsSecure(&secure1);
+  PRBool secure2;
+  aCookie2->GetIsSecure(&secure2);
+  if (secure1 == secure2)
+    return -1;
+  return (secure1) ? -1 : 1;
+}
+
+PR_STATIC_CALLBACK(int) compareExpires(nsICookie* aCookie1, nsICookie* aCookie2, void* aData)
+{
+  PRUint64 expires1;
+  aCookie1->GetExpires(&expires1);
+  PRUint64 expires2;
+  aCookie2->GetExpires(&expires2);
+  return (expires1 < expires2) ? -1 : 1;
+}
+
+PR_STATIC_CALLBACK(int) compareValues(nsICookie* aCookie1, nsICookie* aCookie2, void* aData)
+{
+  nsCAutoString value1;
+  aCookie1->GetValue(value1);
+  nsCAutoString value2;
+  aCookie2->GetValue(value2);
+  return Compare(value1, value2);
+}
 
 @implementation OrgMozillaChimeraPreferencePrivacy
 
-- (void) dealloc
+-(void) dealloc
 {
-  NS_IF_RELEASE(mManager);
+  // NOTE: no need to worry about mCachedPermissions or mCachedCookies because if we're going away
+  // the respective sheets have closed and cleaned up.
+  
+  NS_IF_RELEASE(mPermissionManager);
+  NS_IF_RELEASE(mCookieManager);
   [super dealloc];
 }
 
-//
-// mapCookiePrefToCheckbox:
-//
-// Takes an int from the mozilla cookie pref and turns it into a BOOL
-// that can be used by our "enable cookies" checkbox.
-//
--(BOOL)mapCookiePrefToCheckbox:(int)inCookiePref
-{
-  BOOL retval = YES;
-  if ( inCookiePref == kDisableAllCookies )
-    retval = NO;
-  return retval;
-}
-
-//
-// mapCookieCheckboxToPref:
-//
-// Takes a BOOL from a checkbox and maps it to the mozilla pref values
-//
--(int)mapCookieCheckboxToPref:(BOOL)inCheckboxValue
-{
-  PRInt32 retval = kDisableAllCookies;
-  if ( inCheckboxValue )
-    retval = kEnableAllCookies;
-  return retval;
-}
-
-- (void)mainViewDidLoad
+-(void) mainViewDidLoad
 {
   if ( !mPrefService )
     return;
     
-  // Hookup cookie prefs. The "ask about" and "cookie sites" buttons need to
-  // be disabled when cookies aren't enabled because they aren't applicable.
-  PRInt32 acceptCookies = kEnableAllCookies;
+  // Hookup cookie prefs.
+  PRInt32 acceptCookies = kAcceptAllCookies;
   mPrefService->GetIntPref("network.cookie.cookieBehavior", &acceptCookies);
-  BOOL cookiesEnabled = [self mapCookiePrefToCheckbox:acceptCookies];
-  [mCookiesEnabled setState:cookiesEnabled];
-  if ( !cookiesEnabled ) {
-    [mAskAboutCookies setEnabled:NO];
-    [mEditSitesButton setEnabled:NO];
-    [mEditSitesText setTextColor:[NSColor lightGrayColor]];
-  }
+  [self mapCookiePrefToGUI: acceptCookies];
   // lifetimePolicy now controls asking about cookies, despite being totally unintuitive
   PRInt32 lifetimePolicy = kAcceptCookiesNormally;
   mPrefService->GetIntPref("network.cookie.lifetimePolicy", &lifetimePolicy);
@@ -107,71 +142,140 @@ PR_STATIC_CALLBACK(int) compareCapabilities(nsIPermission* aPerm1, nsIPermission
   
   // store permission manager service and cache the enumerator.
   nsCOMPtr<nsIPermissionManager> pm ( do_GetService(NS_PERMISSIONMANAGER_CONTRACTID) );
-  mManager = pm.get();
-  NS_IF_ADDREF(mManager);
-  
-  // Keychain checkboxes	
+  mPermissionManager = pm.get();
+  NS_IF_ADDREF(mPermissionManager);
 
+  // store cookie manager service
+  nsCOMPtr<nsICookieManager> cm ( do_GetService(NS_COOKIEMANAGER_CONTRACTID) );
+  mCookieManager = cm.get();
+  NS_IF_ADDREF(mCookieManager);
+  
+  // Keychain checkboxes
   PRBool storePasswords = PR_TRUE;
   mPrefService->GetBoolPref(gUseKeychainPref, &storePasswords);
   [mStorePasswords setState:(storePasswords ? NSOnState : NSOffState)];
-  [mAutoFillPasswords setEnabled:storePasswords ? YES : NO];
-
+  
   PRBool autoFillPasswords = PR_TRUE;
   mPrefService->GetBoolPref(gAutoFillEnabledPref, &autoFillPasswords);
   [mAutoFillPasswords setState:(autoFillPasswords ? NSOnState : NSOffState)];
+  
+  // setup allow/deny table popups
+  NSPopUpButtonCell *popupButtonCell = [mPermissionColumn dataCell];
+  [popupButtonCell setEditable:YES];
+  [popupButtonCell addItemsWithTitles:[NSArray arrayWithObjects:[self getLocalizedString:@"Allow"], [self getLocalizedString:@"Deny"], nil]];
 }
 
-//
-// clearCookies:
-//
-// Clear all the user's cookies.
-//
--(IBAction) clearCookies:(id)aSender
+-(void) mapCookiePrefToGUI: (int)pref
 {
-  nsCOMPtr<nsICookieManager> cookieMonster ( do_GetService(NS_COOKIEMANAGER_CONTRACTID) );
-  if ( cookieMonster )
-    cookieMonster->RemoveAll();
+  [mCookieBehavior selectCellWithTag:pref];
+  [mAskAboutCookies setEnabled:(pref == kAcceptAllCookies || pref == kAcceptCookiesFromOriginatingServer)];
 }
 
+//
+// Stored cookie editing methods
+//
 
-//
-// clickEnableCookies:
-//
-// Set cookie prefs and updates the enabled/disabled states of the
-// "ask" and "edit sites" buttons.
-//
--(IBAction) clickEnableCookies:(id)sender
+-(void) populateCookieCache
 {
-  if ( !mPrefService )
-    return;
-    
-  // set the pref
-  BOOL enabled = [mCookiesEnabled state];
-  [self setPref:"network.cookie.cookieBehavior" toInt:[self mapCookieCheckboxToPref:enabled]];
-
-  // update the buttons
-  [mAskAboutCookies setEnabled:enabled];
-  [mEditSitesButton setEnabled:enabled];
-  [mEditSitesText setTextColor:(enabled ? [NSColor blackColor] : [NSColor lightGrayColor])];
+  nsCOMPtr<nsISimpleEnumerator> cookieEnum;
+  if ( mCookieManager )
+    mCookieManager->GetEnumerator(getter_AddRefs(cookieEnum));
+  
+  mCachedCookies = new nsCOMArray<nsICookie>;
+  if ( mCachedCookies && cookieEnum ) {
+    mCachedCookies->Clear();
+    PRBool hasMoreElements = PR_FALSE;
+    cookieEnum->HasMoreElements(&hasMoreElements);
+    while ( hasMoreElements ) {
+      nsCOMPtr<nsICookie> cookie;
+      cookieEnum->GetNext(getter_AddRefs(cookie));
+      mCachedCookies->AppendObject(cookie);
+      cookieEnum->HasMoreElements(&hasMoreElements);
+    }
+  }
 }
 
-
--(IBAction) clickAskAboutCookies:(id)sender
+-(IBAction) editCookies:(id)aSender
 {
-  [self setPref:"network.cookie.lifetimePolicy" toInt:([sender state] == NSOnState) ? kWarnAboutCookies : kAcceptCookiesNormally];
+  // build parallel cookie list
+  [self populateCookieCache];
+  
+  mCachedCookies->Sort(compareCookieHosts, nsnull);
+  
+  // ensure a row is selected (cocoa doesn't do this for us, but will keep
+  // us from unselecting a row once one is set; go figure).
+  [mCookiesTable selectRow: 0 byExtendingSelection: NO];
+  [mCookiesTable setHighlightedTableColumn:[mCookiesTable tableColumnWithIdentifier:@"Website"]];
+  
+  // we shouldn't need to do this, but the scrollbar won't enable unless we
+  // force the table to reload its data. Oddly it gets the number of rows correct,
+  // it just forgets to tell the scrollbar. *shrug*
+  [mCookiesTable reloadData];
+  
+  // bring up sheet
+  [NSApp beginSheet:mCookiesPanel
+     modalForWindow:[mAskAboutCookies window]   // any old window accessor
+      modalDelegate:self
+     didEndSelector:NULL
+        contextInfo:NULL];
 }
 
+-(IBAction) removeCookies:(id)aSender
+{
+  if (mCachedCookies && mCookieManager) {
+    NSArray *rows = [[mCookiesTable selectedRowEnumerator] allObjects];
+    NSEnumerator *e = [rows reverseObjectEnumerator];
+    NSNumber *index;
+    while (index = [e nextObject])
+    {
+      int row = [index intValue];
+      nsCAutoString host, name, path;
+      mCachedCookies->ObjectAt(row)->GetHost(host);
+      mCachedCookies->ObjectAt(row)->GetName(name);
+      mCachedCookies->ObjectAt(row)->GetPath(path);
+      mCookieManager->Remove(host, name, path, PR_FALSE);  // don't block permanently
+      mCachedCookies->RemoveObjectAt(row);
+    }
+  }
+  [mCookiesTable deselectAll: self];   // don't want any traces of previous selection
+  [mCookiesTable reloadData];
+}
 
--(IBAction) editCookieSites:(id)aSender
+-(IBAction) removeAllCookies: (id)aSender
+{
+  if ( mCookieManager ) {
+    // remove all cookies from cookie manager
+    mCookieManager->RemoveAll();
+    // create new cookie cache
+    delete mCachedCookies;
+    mCachedCookies = nsnull;
+    mCachedCookies = new nsCOMArray<nsICookie>;
+  }
+  [mCookiesTable reloadData];
+}
+
+-(IBAction) editCookiesDone:(id)aSender
+{
+  // save stuff
+  [mCookiesPanel orderOut:self];
+  [NSApp endSheet:mCookiesPanel];
+
+  delete mCachedCookies;
+  mCachedCookies = nsnull;
+}
+
+//
+// Site permission editing methods
+
+-(void) populatePermissionCache
 {
   nsCOMPtr<nsISimpleEnumerator> permEnum;
-  if ( mManager ) 
-    mManager->GetEnumerator(getter_AddRefs(permEnum));
-
-  // build parallel permission list for speed with a lot of blocked sites
+  if ( mPermissionManager ) 
+    mPermissionManager->GetEnumerator(getter_AddRefs(permEnum));
+  
   mCachedPermissions = new nsCOMArray<nsIPermission>;
   if ( mCachedPermissions && permEnum ) {
+    mCachedPermissions->Clear();
     PRBool hasMoreElements = PR_FALSE;
     permEnum->HasMoreElements(&hasMoreElements);
     while ( hasMoreElements ) {
@@ -187,121 +291,279 @@ PR_STATIC_CALLBACK(int) compareCapabilities(nsIPermission* aPerm1, nsIPermission
       permEnum->HasMoreElements(&hasMoreElements);
     }
   }
+}
 
-   mCachedPermissions->Sort(compareHosts, nsnull);
+-(IBAction) editPermissions:(id)aSender
+{
+  // build parallel permission list for speed with a lot of blocked sites
+  [self populatePermissionCache];
+  
+  mCachedPermissions->Sort(comparePermHosts, nsnull);
   
-  [NSApp beginSheet:mCookieSitePanel
-    modalForWindow:[mCookiesEnabled window]   // any old window accessor
-    modalDelegate:self
-    didEndSelector:@selector(editCookieSitesSheetDidEnd:returnCode:contextInfo:)
-    contextInfo:NULL];
-        
   // ensure a row is selected (cocoa doesn't do this for us, but will keep
   // us from unselecting a row once one is set; go figure).
-  [mSiteTable selectRow:0 byExtendingSelection:NO];
-  [[mSiteTable window] makeFirstResponder:mSiteTable];
-
-  [mSiteTable setHighlightedTableColumn:[mSiteTable tableColumnWithIdentifier:@"Website"]];
-  [mSiteTable setDeleteAction:@selector(removeCookieSite:)];
-  [mSiteTable setTarget:self];
+  [mPermissionsTable selectRow:0 byExtendingSelection:NO];
+  [mPermissionsTable setHighlightedTableColumn:[mPermissionsTable tableColumnWithIdentifier:@"Website"]];
   
   // we shouldn't need to do this, but the scrollbar won't enable unless we
   // force the table to reload its data. Oddly it gets the number of rows correct,
   // it just forgets to tell the scrollbar. *shrug*
-  [mSiteTable reloadData];
+  [mPermissionsTable reloadData];
+  
+  // bring up sheet
+  [NSApp beginSheet:mPermissionsPanel
+     modalForWindow:[mAskAboutCookies window]   // any old window accessor
+      modalDelegate:self
+     didEndSelector:NULL
+        contextInfo:NULL];
 }
 
--(IBAction) editCookieSitesDone:(id)aSender
+-(IBAction) removeCookiePermissions:(id)aSender
+{
+  if ( mCachedPermissions && mPermissionManager ) {
+    // remove from parallel array and cookie permissions list
+    NSArray *rows = [[mPermissionsTable selectedRowEnumerator] allObjects];
+    NSEnumerator *e = [rows reverseObjectEnumerator];
+    NSNumber *index;
+    while (index = [e nextObject])  {
+      int row = [index intValue];
+      nsCAutoString host;
+      mCachedPermissions->ObjectAt(row)->GetHost(host);
+      mPermissionManager->Remove(host, "cookie");
+      mCachedPermissions->RemoveObjectAt(row);
+    }
+  } 
+  [mPermissionsTable deselectAll: self];   // don't want any traces of previous selection
+  [mPermissionsTable reloadData];
+}
+
+-(IBAction) removeAllCookiePermissions: (id)aSender
+{
+  if ( mPermissionManager ) {
+    // remove all permissions from permission manager
+    mPermissionManager->RemoveAll();
+    delete mCachedPermissions;
+    mCachedPermissions = nsnull;
+    mCachedPermissions = new nsCOMArray<nsIPermission>;
+  }
+  [mPermissionsTable reloadData];
+}
+
+-(IBAction) editPermissionsDone:(id)aSender
 {
   // save stuff
-  
-  [mCookieSitePanel orderOut:self];
-  [NSApp endSheet:mCookieSitePanel];
+  [mPermissionsPanel orderOut:self];
+  [NSApp endSheet:mPermissionsPanel];
   
   delete mCachedPermissions;
   mCachedPermissions = nsnull;
 }
 
-- (void)editCookieSitesSheetDidEnd:(NSWindow *)sheet returnCode:(int)returnCode contextInfo:(void  *)contextInfo
-{
-}
-
-
--(IBAction) removeCookieSite:(id)aSender
-{
-  if ( mCachedPermissions && mManager ) {
-    // remove from parallel array and cookie permissions list
-    int row = [mSiteTable selectedRow];
-
-    // remove from permission manager (which is done by host, not by row), then 
-    // remove it from our parallel array (which is done by row). Since we keep a
-    // parallel array, removing multiple items by row is very difficult since after 
-    // deleting, the array is out of sync with the next cocoa row we're told to remove. Punt!
-    nsCAutoString host;
-    nsIPermission* perm = mCachedPermissions->ObjectAt(row);
-    if (perm) {
-      perm->GetHost(host);
-      mManager->Remove(host, "cookie");		// could this api _be_ any worse? Come on!
-      mCachedPermissions->RemoveObjectAt(row);
-    }
-
-    [mSiteTable reloadData];
-  }
-}
-
-
 //
 // NSTableDataSource protocol methods
 //
 
-- (int)numberOfRowsInTableView:(NSTableView *)aTableView
+-(int) numberOfRowsInTableView:(NSTableView *)aTableView
 {
   PRUint32 numRows = 0;
-  if ( mCachedPermissions )
-    numRows = mCachedPermissions->Count();
+  if (aTableView == mPermissionsTable) {
+    if ( mCachedPermissions )
+      numRows = mCachedPermissions->Count();
+  } else if (aTableView == mCookiesTable) {
+    if ( mCachedCookies )
+      numRows = mCachedCookies->Count();
+  }
 
   return (int) numRows;
 }
 
-- (id)tableView:(NSTableView *)aTableView objectValueForTableColumn:(NSTableColumn *)aTableColumn row:(int)rowIndex
+-(id) tableView:(NSTableView *)aTableView objectValueForTableColumn:(NSTableColumn *)aTableColumn row:(int)rowIndex
 {
   NSString* retVal = nil;
-  if ( mCachedPermissions ) {
-    if ( [[aTableColumn identifier] isEqualToString:@"Website"] ) {
+  if (aTableView == mPermissionsTable) {
+    if ( mCachedPermissions ) {
+      if ( [[aTableColumn identifier] isEqualToString:@"Website"] ) {
         // website url column
         nsCAutoString host;
         mCachedPermissions->ObjectAt(rowIndex)->GetHost(host);
-        retVal = [NSString stringWithCString:host.get()];
-    } else {
+        retVal = [NSString stringWithUTF8String:host.get()];
+      } else {
         // allow/deny column
         PRUint32 capability = PR_FALSE;
         mCachedPermissions->ObjectAt(rowIndex)->GetCapability(&capability);
-        if ( capability == nsIPermissionManager::ALLOW_ACTION)
-          retVal = [self getLocalizedString:@"Allow"];
+        if ( capability == nsIPermissionManager::ALLOW_ACTION )
+          return [NSNumber numberWithInt:kAllowIndex];   // special case return
         else
-          retVal = [self getLocalizedString:@"Deny"];
+          return [NSNumber numberWithInt:kDenyIndex];    // special case return
+      }
     }
   }
-  
+  else if (aTableView == mCookiesTable) {
+    if ( mCachedCookies ) {
+      nsCAutoString cookieVal;
+      if ( [[aTableColumn identifier] isEqualToString: @"Website"] ) {
+        mCachedCookies->ObjectAt(rowIndex)->GetHost(cookieVal);
+      } else if ( [[aTableColumn identifier] isEqualToString: @"Name"] ) {
+        mCachedCookies->ObjectAt(rowIndex)->GetName(cookieVal);
+      } else if ( [[aTableColumn identifier] isEqualToString: @"Path"] ) {
+        mCachedCookies->ObjectAt(rowIndex)->GetPath(cookieVal);
+      } else if ( [[aTableColumn identifier] isEqualToString: @"Secure"] ) {
+        PRBool secure = PR_FALSE;
+        mCachedCookies->ObjectAt(rowIndex)->GetIsSecure(&secure);
+        if (secure)
+          cookieVal = "yes";
+        else
+          cookieVal = "no";
+      } else if ( [[aTableColumn identifier] isEqualToString: @"Expires"] ) {
+        PRUint64 expires = 0;
+        mCachedCookies->ObjectAt(rowIndex)->GetExpires(&expires);
+        if (expires == 0) {
+          // if expires is 0, it's a session cookie; display as expiring on the current date.
+          // It's not perfect, but it's better than showing the epoch.
+          NSDate *date = [NSDate date];
+          return date;   // special case return
+        } else {
+          NSDate *date = [NSDate dateWithTimeIntervalSince1970: (NSTimeInterval)expires];
+          return date;   // special case return
+        }
+      } else if ( [[aTableColumn identifier] isEqualToString: @"Value"] ) {
+        mCachedCookies->ObjectAt(rowIndex)->GetValue(cookieVal);
+      }
+      retVal = [NSString stringWithCString: cookieVal.get()];
+    }
+  }
+	  
   return retVal;
 }
 
+// currently, this only applies to the site allow/deny, since that's the only editable column
+-(void) tableView:(NSTableView *)aTableView
+   setObjectValue:anObject
+   forTableColumn:(NSTableColumn *)aTableColumn
+              row:(int)rowIndex
+{
+  if ( aTableView == mPermissionsTable && aTableColumn == mPermissionColumn ) {
+    if ( mCachedPermissions && mPermissionManager ) {
+      // create a URI from the hostname of the changed site
+      nsCAutoString host;
+      mCachedPermissions->ObjectAt(rowIndex)->GetHost(host);
+      NSString* url = [NSString stringWithFormat:@"http://%s", host.get()];
+      const char* siteURL = [url UTF8String];
+      nsCOMPtr<nsIURI> newURI;
+      NS_NewURI(getter_AddRefs(newURI), siteURL);
+      if ( newURI ) {
+        // nsIPermissions are immutable, and there's no API to change the action,
+        // so instead we have to delete the old pref and insert a new one.
+        // remove the old entry
+        mPermissionManager->Remove(host, "cookie");
+        // add a new entry with the new permission
+        if ( [anObject intValue] == kAllowIndex )
+          mPermissionManager->Add(newURI, "cookie", nsIPermissionManager::ALLOW_ACTION);
+        else if ( [anObject intValue] == kDenyIndex )
+          mPermissionManager->Add(newURI, "cookie", nsIPermissionManager::DENY_ACTION);
+        
+        // there really should be a better way to keep the cache up-to-date than rebuilding
+        // it, but the nsIPermissionManager interface doesn't have a way to get a pointer
+        // to a site's nsIPermission. It's this, use a custom class that duplicates the
+        // information (wasting a lot of memory), or find a way to tie in to
+        // PERM_CHANGE_NOTIFICATION to get the new nsIPermission that way.
+        [self populatePermissionCache];
+        //re-sort
+        [self sortPermissionsByColumn:[mPermissionsTable highlightedTableColumn]];
+      }
+    }
+  }
+}
+
+-(void) sortPermissionsByColumn:(NSTableColumn *)aTableColumn
+{
+  if( mCachedPermissions ) {
+    if ( [[aTableColumn identifier] isEqualToString:@"Website"] )
+      mCachedPermissions->Sort(comparePermHosts, nsnull);
+    else
+      mCachedPermissions->Sort(compareCapabilities, nsnull);
+    [mPermissionsTable setHighlightedTableColumn:aTableColumn];
+    [mPermissionsTable reloadData];
+  }
+}
+
+-(void) sortCookiesByColumn:(NSTableColumn *)aTableColumn
+{
+  if( mCachedCookies ) {
+    if ( [[aTableColumn identifier] isEqualToString:@"Website"] )
+      mCachedCookies->Sort(compareCookieHosts, nsnull);
+    else if ( [[aTableColumn identifier] isEqualToString:@"Name"] )
+      mCachedCookies->Sort(compareNames, nsnull);
+    else if ( [[aTableColumn identifier] isEqualToString:@"Path"] )
+      mCachedCookies->Sort(comparePaths, nsnull);
+    else if ( [[aTableColumn identifier] isEqualToString:@"Secure"] )
+      mCachedCookies->Sort(compareSecures, nsnull);
+    else if ( [[aTableColumn identifier] isEqualToString:@"Expires"] )
+      mCachedCookies->Sort(compareExpires, nsnull);
+    else if ( [[aTableColumn identifier] isEqualToString:@"Value"] )
+      mCachedCookies->Sort(compareValues, nsnull);
+    [mCookiesTable setHighlightedTableColumn:aTableColumn];
+    [mCookiesTable reloadData];
+  }
+}
 
 // NSTableView delegate methods
 
-- (void)tableView:(NSTableView *)aTableView didClickTableColumn:(NSTableColumn *)aTableColumn
+- (void) tableView:(NSTableView *)aTableView didClickTableColumn:(NSTableColumn *)aTableColumn
 {
-  if( mCachedPermissions && aTableColumn != [aTableView highlightedTableColumn] ) {
-    if ( [[aTableColumn identifier] isEqualToString:@"Website"] )
-        mCachedPermissions->Sort(compareHosts, nsnull);
-    else
-        mCachedPermissions->Sort(compareCapabilities, nsnull);
-    
-    [aTableView setHighlightedTableColumn:aTableColumn];
-    [aTableView reloadData];
+  if (aTableView == mPermissionsTable) {
+    if ( mCachedPermissions && aTableColumn != [aTableView highlightedTableColumn] ) {
+      // save the currently selected row, if any.
+      int selectedRowIndex = [aTableView selectedRow];
+      nsCOMPtr<nsIPermission> selectedItem = (selectedRowIndex != -1) ?
+        mCachedPermissions->ObjectAt(selectedRowIndex) : nsnull;
+      // sort the table data
+      [self sortPermissionsByColumn:aTableColumn];
+      // if a row was selected before, find it again
+      if ( selectedItem ) {
+        int newRowIndex = mCachedPermissions->IndexOf(selectedItem);
+        if ( newRowIndex >= 0 ) {
+          [aTableView selectRow:newRowIndex byExtendingSelection:NO];
+          [aTableView scrollRowToVisible:newRowIndex];
+        }
+      }
+    }
+  } else if (aTableView == mCookiesTable) {
+    if ( mCachedCookies && aTableColumn != [aTableView highlightedTableColumn] ) {
+      // save the currently selected row, if any
+      int selectedRowIndex = [aTableView selectedRow];
+      nsCOMPtr<nsICookie> selectedItem = (selectedRowIndex != -1) ?
+        mCachedCookies->ObjectAt(selectedRowIndex) : nsnull;
+      // sort the table data
+      [self sortCookiesByColumn:aTableColumn];
+      // if a row was selected before, find it again
+      if ( selectedItem ) {
+        int newRowIndex = mCachedCookies->IndexOf(selectedItem);
+        if ( newRowIndex >= 0 ) {
+          [aTableView selectRow:newRowIndex byExtendingSelection:NO];
+          [aTableView scrollRowToVisible:newRowIndex];
+        }
+      }
+    }
   }
 }
 
+//
+// Buttons
+//
+
+-(IBAction) clickCookieBehavior:(id)sender
+{
+  int row = [mCookieBehavior selectedRow];
+  [self setPref:"network.cookie.cookieBehavior" toInt:row];
+  [self mapCookiePrefToGUI:row];
+}
+
+-(IBAction) clickAskAboutCookies:(id)sender
+{
+  [self setPref:"network.cookie.lifetimePolicy" toInt:([sender state] == NSOnState) ? kWarnAboutCookies : kAcceptCookiesNormally];
+}
+
 
 //
 // clickStorePasswords
@@ -310,16 +572,9 @@ PR_STATIC_CALLBACK(int) compareCapabilities(nsIPermission* aPerm1, nsIPermission
 {
   if ( !mPrefService )
     return;
-  if([mStorePasswords state] == NSOnState)
-  {
-      mPrefService->SetBoolPref("chimera.store_passwords_with_keychain", PR_TRUE);
-      [mAutoFillPasswords setEnabled:YES];
-  }
-  else
-  {
-      mPrefService->SetBoolPref("chimera.store_passwords_with_keychain", PR_FALSE);
-      [mAutoFillPasswords setEnabled:NO];
-  }        
+  mPrefService->SetBoolPref("chimera.store_passwords_with_keychain",
+                            ([mStorePasswords state] == NSOnState) ? PR_TRUE : PR_FALSE);
+  [mAutoFillPasswords setEnabled:([mStorePasswords state] == NSOnState)];
 }
 
 //
@@ -332,7 +587,7 @@ PR_STATIC_CALLBACK(int) compareCapabilities(nsIPermission* aPerm1, nsIPermission
   if ( !mPrefService )
     return;
   mPrefService->SetBoolPref("chimera.keychain_passwords_autofill",
-                            [mAutoFillPasswords state] == NSOnState ? PR_TRUE : PR_FALSE);
+                            ([mAutoFillPasswords state] == NSOnState) ? PR_TRUE : PR_FALSE);
 }
 
 -(IBAction) launchKeychainAccess:(id)sender
diff --git a/camino/src/preferences/PreferenceManager.mm b/camino/src/preferences/PreferenceManager.mm
index c2f212bcda1..5c488fb5c7f 100644
--- a/camino/src/preferences/PreferenceManager.mm
+++ b/camino/src/preferences/PreferenceManager.mm
@@ -309,11 +309,7 @@ static BOOL gMadePrefManager;
     PRInt32 acceptCookies = 0;
     static const char* kCookieBehaviorPref = "network.cookie.cookieBehavior";
     mPrefs->GetIntPref(kCookieBehaviorPref, &acceptCookies);
-    if ( acceptCookies == 1 ) {          // accept foreign cookies, assume off  
-      acceptCookies = 2;
-      mPrefs->SetIntPref(kCookieBehaviorPref, acceptCookies);
-    }
-    else if ( acceptCookies == 3 ) {     // p3p, assume all cookies on
+    if ( acceptCookies == 3 ) {     // p3p, assume all cookies on
       acceptCookies = 0;
       mPrefs->SetIntPref(kCookieBehaviorPref, acceptCookies);
     }