Total Cookie Protection Breaks site
Hi Team,
Let me explain how our website is designed first. We have site "A", and inside it we have embedded site "B" via iframe. Site "B" contains various items in local storage based on the operation performed. So, in dev tools, we can see those local storage items under site "B". Now when clicking a link in site "B", it opens the same site ("B") in a new tab which will basically read all its local storage items. But when I open dev tools in this new tab, items of local storage is empty.
I have referred this document https://support.mozilla.org/en-US/kb/total-cookie-protection-and-website-breakage-faq Based on this, I disabled Enhanced Tracking Protection by clicking the toggle in the shield panel next to the address bar. Now, I can read items of local storage in new tab after disabling this setting. But, in earlier versions of Firefox I was able to access local storage for the above scenario. This got broke due to the Total Cookie Protection feature.
My doubt is that, we are not trying to access local storage of different host. We are only trying to access localstorage of Site "B" in a different tab. May I know if there is a way to fix this other than disabling Enhanced tracking protection ? Let us know if any code fix is available as well.
All Replies (4)
If there is no URL or screenshot of the issue no one can replicate nor verify what the issue is happening.
Maybe try to create a cookie allow exception with the proper protocol.
What is the setting for cookies in ETP in Settings > Privacy & Security? You could try the former setting "Cross-site tracking cookies".
Terry said
What is the setting for cookies in ETP in Settings > Privacy & Security? You could try the former setting "Cross-site tracking cookies".
Hi, I tried setting "Cross-site tracking cookies" in settings. This indeed fixes the issue. But documentation of mozilla states that "Disabling Total Cookie Protection will make it easier for sites to track you. But Enhanced Tracking Protection will still provide some baseline protection in standard mode." . So, thinking if this option is a better way. Is there any other safer way or code fix for this issue?