How to allow cookies for currently visited site?
First of all, the question-topic "How can I allow cookies for only my specified sites?" (https://support.mozilla.org/en-US/questions/976723) has been closed by accepting a solution that is **irrelevant**: It suggest to just Allow Cookies in the Privacy page, which is quite a commonplace! The restriction "only my specified sites" has been totally ignored! So, I had to rephrase and post the question, hoping that this time I will get a better response.
The problem is that when one allows cookies in general, independently of the "Always", "From Visited" and "Never" options, all the sites opened at that time in other Tags will also place their cookies, independently of whether they are "in focus" (i.e. their Tag is selected for viewing) or not. I have established this.
I have searched for an add-on that can handle this but I have not found any. Almost all of the add-ons on cookies are for "self-destroyed" cookies and destroying cookies after FF terminates (which can be done by using the "Clear history ..." option or cookie manages for editing deleting etc. cookies?
I can give an example of what I am talking about: "Adblock Plus" add-on allows you to disable blocking for the currently visited site. Does anyone know of a add-on for cookies or any other way to achieve the same effect?
All Replies (13)
Cookies are sent by websites. You can tell Firefox to not allow sites that you choose by following these directions.
Type about:preferences#privacy<enter> in the address bar. The button next to History, select Use Custom Settings.
Under History, turn on Accept cookies from sites BUT turn off Accept third-party cookies.
Warning: This could cause some web pages not to load properly.
At the far right, press the Exceptions button. Place those websites you don't want here.
You can by default disable all cookies and create an allow exception for specific domains if you do not want to allow cookies generally by default.
You can set the exception via "Tools -> Page Info -> Permissions" or via "Options/Preferences -> Privacy & Security". You only need to make sure to specify the correct protocol (http:// or https:// or both if you aren't sure).
If you allow all cookies, but disable third-party cookies then you can create specific allow exceptions for specific domains when necessary in case pages do not work properly.
You can set network.cookie.thirdparty.sessionOnly to true on the about:config page to make third-party cookies behave as session cookies that expire when Firefox is closed.
@FredMcD, thank you for trying to help but: 1) The statement "Cookies are sent by websites" invalidates the questioner. Think for a while why. 2) Telling Firefox to not allow sites that you choose means that you have to create a list of thousands sites!!! 3) Turn off Accept third-party cookies: It doesn't exist as an option anymore! 4) Place those websites you don't want in the Exceptions list: again, how many, 100, 100, 10000?
An advice: I you want to help, in general, please 1) understand well the question and in its details, because it's there the problem actually lies 2) Avoid commonplace and useless statements, 3) Avoid suggesting things that require tremendous effort to apply, 4) Indicate things that are applicable in the *recent* FF versions.
@cor-el, thank you for your reply. Unfortunately, adding a site in the Exceptions list, is not enough. This was what should actually happen, but one has still to open allow cookies. The only good thing about the Exceptions list is that whan you close FF, only the cookies from "allowed" sites are kept (in the next session). This is how FF works since I first used it (20 years? ago) and still does. The other things you mention are well known, but they don't address the problem "How to allow cookies for a single site only" They are aither globally allowed (for everyone) on not at all (even for thow in the Exceptions list.
Something very strange happens ... In my description, I give more detailed information than about 50% that I receive, and I show clearly -- through all these details I provide -- that I know the subject of cookies quite well, yet I receive indications, suggestions, etc. as if I knew very little or even nothing about it!! Honestrly, I really can't get it.
Hi aspis, it sounds like you have exhausted the available settings and you are not able to find a way to block all cookies that are not on the Exceptions list because then Firefox doesn't even use the Exceptions list at all. Is that right? I'll take your word for it. We can only offer alternate suggestions and workarounds based on your goals.
Usually people are concerned that a cookie identifies them to a website or ad network, so cookies enable a site or ad network to build a profile of their activity on the same site or across multiple sites. Is that what you want to avoid? But flushing those cookies at the end of each session doesn't avoid it enough?
There is an extension named uMatrix that controls numerous kinds of first party and third party data and content. You could look at whether its controls work for you. To make it less complex, you could initially allow most kinds of content other than cookies so you have fewer decision to make. I don't use it myself, but there are support communities on the web.
What do you mean you take my word for it? :)) Haven't you try for yourself? Does FF behave differently for you than what I described? If so, I would like to know! :)
Then, why should I care what people usually care about? Should I start caring about what people usually care about? :))
Then, what "goals" are you talking about? And what first party and third party ...? Did I mentioned I cared about that? I said ", independently of the "Always", "From Visited" and "Never" options".
My question was very simple and it is written very clearly. And I have added all the details needed (actually, more than what was needed) so as to make it very concrete. I can't make it more clear or simplify it more. How can one get off-topic so easily???
Modified
Hi, As we are Firefox Volunteer Support , users like you . We use our own systems which and versions or multiple versions, or not. We try to replicate things as best as possible but for you your running Win 7 and I am on Win 10 so it makes no sense to try to do a lot.
What we do from all over the world is trouble shoot in our spare time to help you.
Please try here as they are not ones that you listed as destroy or clear but are Cookie Managers : https://addons.mozilla.org/en-GB/firefox/search/?platform=windows&q=cookie+manager
Please let us know if this solved your issue or if need further assistance.
Running on Windows 7 or Windows 8 or Windows 10 is totally irrelevant to this issue! It's not a Windows issue! It's not even an issue of FF version, since this kind of behavior ("Exceptions list" being useless) is from "day One" (or Two :). If you tried to suggest a workable solution to the current problem, it would be fine. But you have not even understood the question.
Thank you for suggesting an add-on, but see, I have already done that and I indicated it in my description of the problem (Re: "I have searched for an add-on that can handle this but I have not found any.") See, you don't read the details of the question which beyond clarifying the problem, also include things the questioner has already done so as to avoid wasting time talking about them! :)
So, I appreciate your -- and everyone else's -- effort to help, really, but see, if one cannot assess the problem, then one only wastes one's (spare) time and of course, mine too, in trying to describe how and when one should reply to questions. I could just ignore the replies, as many people do, but feel I have to contribute to this help in this way place to make it more effective. I may be wrong ...
Modified
aspis said
What do you mean you take my word for it? :)) Haven't you try for yourself? Does FF behave differently for you than what I described? If so, I would like to know! :)
You're right, I shouldn't take your word for it. I later found time to test. With these settings --
(1) Set an "Allow" exception for https://google.com
(2) Set Firefox to accept no cookies or site data
(3) Browse
-- Google is able to set cookies (for example, search settings for number of results per page), and other sites cannot set cookies.
In the second image, you can see that Firefox only accepted cookies for Google, but created a 64KB database file for each sites I visited, and for some third party sources of content used in those sites. When I inspect their contents using an online SQLite database viewer (https://inloop.github.io/sqlite-viewer/), the files are empty, so I don't know what those are for.
You can test in a fresh profile (as I did) to rule out conflicting settings and add-ons.
New Profile Test
This takes about 3 minutes, plus the time to test.
Inside Firefox, type or paste about:profiles in the address bar and press Enter/Return to load it.
Click the Create a New Profile button, then click Next. Assign a name like June2018, ignore the option to relocate the profile folder, and click the Finish button.
After creating the profile, scroll down to it and click the Set as default profile button below that profile, then scroll back up and click the Restart normally button. (There are some other buttons, but please ignore them.)
Firefox should exit and then start up using the new profile, which will just look brand new. If Firefox suggests activating extensions it found on your system, ignore those tabs for now to get a clean test.
Then you can set your cookie exceptions and preferences and go testing.
When you are done with the experiment, open the about:profiles page again, click the Set as default profile button for your normal profile, then click the Restart normally button to get back to it.
Thank you @jscher2000 for your reply and the time you took for testing! I really appreciate it. I am afraid though that Google, even if it seems is has no problem, it does! Examples: 1) when you need to configure it, 2) when it asks that you read changes in policy etc., 3) in Google Play, etc. In all these these case, it needs cookes "wide open" :)
No, the problem (deficiency) lies in FF itself. Namely, that it could act as if cookies are "open" (allowed) to the sites one enters in the Exceptions list. It's a very old issue and I remember I had written about that in this forum years ago. I am a professional and experience programmer and I am sure this can be done, although I have not created a Web browser to know how the allowing cookies stuff exactly works! :) Besides, I believe this is evident to everyone. I have never obtained a good answer on what is actually the purpose of Exceptions list! The only thing I know is that in the past, all cookies were destroyed after you terminated FF, if the site they came from was not in the list (with "Clear history ..." option enabled). And it seems that in the new FF even this facility has been dropped! (When I restart FF, I see cookies from unknown sites, which are not listed in the Exceptions list!! I have already mentioned in another thread in here that FF has clearly deteriorated and maybe to a point of "non return" (It crashes relatively easily, it stalls after being idle for sometime, etc., things that were not happening in the recent past. And it is certain that my PC has no problem, because I run dozens of applications everyday w/o the least problem.
And no, I don't want to create a new profile. I have home-made utilities, based on this profile and I also don't want to reconfigure everything. Besides, I don't thing this would change anything ...
Modified
aspis said
I am afraid though that Google, even if it seems is has no problem, it does! Examples: 1) when you need to configure it, 2) when it asks that you read changes in policy etc., 3) in Google Play, etc. In all these these case, it needs cookes "wide open" :)
Please provide an example URL where this problem occurs.
I have never obtained a good answer on what is actually the purpose of Exceptions list! The only thing I know is that in the past, all cookies were destroyed after you terminated FF, if the site they came from was not in the list (with "Clear history ..." option enabled).
The Exceptions list (cookie permissions list) specifies what Firefox does with a site's request to set cookies in real time when those requests are made:
- block => disregard the request
- allow => set the cookie using the site's requested expiration date (which allows both persistent and session only cookies)
- allow for session => set the cookie making it session only
If you use "Clear history..." with Cookies checked, ALL cookies will be removed. That feature does not honor the Exceptions list.
And it seems that in the new FF even this facility has been dropped! (When I restart FF, I see cookies from unknown sites, which are not listed in the Exceptions list!
If you have Firefox set to block all cookies from sites not on the Exceptions list, other sites should not be able to set cookies. Can you give examples of sites that bypass the settings? Please distinguish between the "Cookies" and "Storage" columns when drawing your conclusions; they are not the same thing, as I discovered in my testing.
Please provide an example URL where this problem occurs.
I already mentioned 3 examples in which Google needs cookies open. What else do you need? To give you the URL, e.g. of Google Play???
The Exceptions list (cookie permissions list) specifies what Firefox does with a site's request ...
I already explained how the Exceptions list does NOT work. The 3 options -- "block", "allow" and "allow for session" -- you mention have no effect, or rather, are irrelevant to the phenomenon I described.
If you use "Clear history..." with Cookies checked, ALL cookies will be removed. That feature does not honor the Exceptions list.
Nope! This is wrong. I mentioned that cookies are kept! (I start worrying about my English! :)
If you have Firefox set to block all cookies from sites not on the Exceptions list, other sites should not be able to set cookies.
This is very interesting: How can I set FF to block cookies especially from sites not in the list? I can either allow or block cookies. If I allow them, ALL sites (indepentently of the list) can store cookies. If I don't, NO site (even those in the list) can store cookies. Is there a mid-way?
Modified