We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

본 사이트는 여러분의 사용자 경험을 개선하기 위해 유지 보수를 진행하는 동안 기능이 제한됩니다. 도움말로 문제가 해결되지 않고 질문을 하고 싶다면 Twitter의 @FirefoxSupport 및 Reddit의 /r/firefox 채널을 활용하세요.

Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

Site Circumventing Firefox Privacy Settings

  • 5 답장
  • 1 이 문제를 만남
  • 14 보기
  • 최종 답변자: Oo0Bailey0oO

more options

The site FindTheBest.com appears to be bypassing Firefox's privacy settings, changing it to always allow cookies despite being set to block all cookies.

I've tested this several times and I've verified on other sites that the privacy settings are still being adhered to. I'm not sure how they can change the browser setting like that though.

In my last test, I deleted their cookie, removed the cookie exception, set a new exception to always block, blocked all new cookies, closed the page and re-opened it. Still changing it to allow as a new exception.

Is this possible? How can I control it?

The site FindTheBest.com appears to be bypassing Firefox's privacy settings, changing it to always allow cookies despite being set to block all cookies. I've tested this several times and I've verified on other sites that the privacy settings are still being adhered to. I'm not sure how they can change the browser setting like that though. In my last test, I deleted their cookie, removed the cookie exception, set a new exception to always block, blocked all new cookies, closed the page and re-opened it. Still changing it to allow as a new exception. Is this possible? How can I control it?

모든 댓글 (5)

more options

Are you blocking cookies from findthebest.com or www.findthebest.com ?

You always need to block cookies from the top domain to be sure to block items from sub domains.

more options

Yes, to clarify above, when I'm blocking the site I'm using www.findthebest.com either automatically by "ask me every time" cookie control pop-ups or manually by typing it into the cookie exception window.

Maybe you can test the site as well and then I can tell if it's specific to me or possibly universal.

Thanks

more options

I see cookies from findthebest.com, so if you only block cookies from the domain with the www. prefix then those aren't blocked.

See this thread for a similar issue with Facebook and cookies and sub domains.

more options

But how is it circumventing Privacy setting of "Ask Me Every Time"? The pop-up never comes up, it just sets itself to always allow. Also, even the www. exception is involuntarily flipped to always allow.

I've just tested it again. Under Page Info when on their site, I set it to block cookies, then I refreshed. When I checked it again, it stayed as block this time.

Then I attempted to click "Default" the area went grey and the box stayed unchecked. I clicked it again and the box checked. After refreshing the page again though, no dialog box came up for Default and "block" was still selected under Page Info.

In effect, the same behaviour as always allow but with block now which suggests something is wrong with Firefox for this specific site and not malicious intent on the site itself.

I tried to reproduce this on this very mozilla page, but it behaves as normal/expected, as every other site has so far too.

more options

I forgot to add, this behaviour occurs under safe mode too.