X
點擊此處開啟此網站的行動版。

技術支援討論區

Website storing cookies despite listed as blocked in exceptions Firefox59.02

已張貼

I am using Firefox Quantum 59.02 on OSX 10.13.4 I have enabled session cookies, except 3rd party. w When I l set eg. bbc.co.uk in the exceptions list as blocked, it shows as storing cookies when I view cookies.

In Cookies it is listed as bbc.co.uk, in Exceptions ..blocked, it shows as http//www.bbc.co.uk

I am using Firefox Quantum 59.02 on OSX 10.13.4 I have enabled session cookies, except 3rd party. w When I l set eg. bbc.co.uk in the exceptions list as blocked, it shows as storing cookies when I view cookies. In Cookies it is listed as bbc.co.uk, in Exceptions ..blocked, it shows as http//www.bbc.co.uk

被選擇的解決方法

In Exceptions, Firefox is particular about the protocol. You usually need to create both the secure and insecure versions:

A possibly more convenient way if you are dealing with first-party cookies is to use the Permissions panel of the Page Info dialog.

You can call that up using any of these:

  • right-click a blank area of the page and choose View Page Info > Permissions
  • (menu bar) Tools menu > Page Info > Permissions
  • click the padlock or "i" icon to the left of the site address, then the ">" icon, then More Information > Permissions

Scroll down to "Set Cookies" and uncheck the "Use default" box, and then select the permission you prefer. That change should show up in the Exceptions dialog.

從原來的回覆中察看解決方案 0

額外的系統細節

應用程式

  • User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:59.0) Gecko/20100101 Firefox/59.0

更多資訊

jscher2000
  • Top 10 Contributor
8579 個解決方法 70146 個答案

選擇的解決方法

In Exceptions, Firefox is particular about the protocol. You usually need to create both the secure and insecure versions:

A possibly more convenient way if you are dealing with first-party cookies is to use the Permissions panel of the Page Info dialog.

You can call that up using any of these:

  • right-click a blank area of the page and choose View Page Info > Permissions
  • (menu bar) Tools menu > Page Info > Permissions
  • click the padlock or "i" icon to the left of the site address, then the ">" icon, then More Information > Permissions

Scroll down to "Set Cookies" and uncheck the "Use default" box, and then select the permission you prefer. That change should show up in the Exceptions dialog.

In Exceptions, Firefox is particular about the protocol. You usually need to create both the secure and insecure versions: * http://example.com * https://example.com A possibly more convenient way if you are dealing with first-party cookies is to use the Permissions panel of the Page Info dialog. You can call that up using any of these: * right-click a blank area of the page and choose View Page Info > Permissions * (menu bar) Tools menu > Page Info > Permissions * click the padlock or "i" icon to the left of the site address, then the ">" icon, then More Information > Permissions Scroll down to "Set Cookies" and uncheck the "Use default" box, and then select the permission you prefer. That change should show up in the Exceptions dialog.
cor-el
  • Top 10 Contributor
  • Moderator
17346 個解決方法 156782 個答案

Note that you may have to leave out the www prefix. I assume that the missing colon in http:// is a typo.

Note that you may have to leave out the www prefix. I assume that the missing colon in http:// is a typo. *http://bbc.co.uk *https://bbc.co.uk

提出問題者

Hi jscher2000, I just wanted to say thank you very much for your help.

Hi jscher2000, I just wanted to say thank you very much for your help.
canadajohn 0 個解決方法 6 個答案

Until recently I had my security settings in "Cookies and Site Data" set at "Block Cookies and Site Data". This blocked all cookies from all sites but those I had listed on the "Exceptions" page. But something changed suddenly. Now if I set my cookie security at "Block Cookies and Site Data" the sites I have listed on the exception page will be erased as soon as I shut down Firefox. The only way I can get those "exception" sites to remain listed is if I set my security at "Accept Cookies and Site Data from Websites", but that defeats the purpose as now all sites are free to create cookies. So does anybody know what's changed? I really loved to be able to block all cookies but those from the sites I chose to allow. Thanks. (I'm using Firefox 60.0.2)

Until recently I had my security settings in "Cookies and Site Data" set at "Block Cookies and Site Data". This blocked all cookies from all sites but those I had listed on the "Exceptions" page. But something changed suddenly. Now if I set my cookie security at "Block Cookies and Site Data" the sites I have listed on the exception page will be erased as soon as I shut down Firefox. The only way I can get those "exception" sites to remain listed is if I set my security at "Accept Cookies and Site Data from Websites", but that defeats the purpose as now all sites are free to create cookies. So does anybody know what's changed? I really loved to be able to block all cookies but those from the sites I chose to allow. Thanks. (I'm using Firefox 60.0.2)
jscher2000
  • Top 10 Contributor
8579 個解決方法 70146 個答案

Hi canadajohn, Firefox should not delete your Exceptions list at shutdown unless you used a different setting:

In the History section (Options > Privacy & Security > History):

"Clear history when Firefox closes" and when you click the "Settings" button to the right of it, you have "Site preferences" selected for clearance

Hi canadajohn, Firefox should not delete your Exceptions list at shutdown '''unless''' you used a different setting: In the History section (Options > Privacy & Security > History): "Clear history when Firefox closes" and when you click the "Settings" button to the right of it, you have "Site preferences" selected for clearance
canadajohn 0 個解決方法 6 個答案

Hi.

Thanks fror the reply but I'm afraid I'm not quite sure what you are suggesting. I'm attaching a picture of my present settings on the main "Privacy and Security" page along with an image of the settings I have selected in the "Settings" menu found in the "History" section of that page. As you will see the only box I've left unchecked is "Site Preferences".

You'll see I also have the "Cookies and Site Data" section set at "Accept cookies and site data from websites". If I change that to my prefered "Block cookies and site data" the sites I've listed as "Exceptions" will not open and often will give me a message that I have to allow cookies.

Maybe I'm confused but I thought that the "Exception" list was meant to be a list of sites you are allowing to create cookies while all others will be blocked from doing so. That's certainly been the way it's been working for me until very recently.

Thanks again.

Hi. Thanks fror the reply but I'm afraid I'm not quite sure what you are suggesting. I'm attaching a picture of my present settings on the main "Privacy and Security" page along with an image of the settings I have selected in the "Settings" menu found in the "History" section of that page. As you will see the only box I've left unchecked is "Site Preferences". You'll see I also have the "Cookies and Site Data" section set at "Accept cookies and site data from websites". If I change that to my prefered "Block cookies and site data" the sites I've listed as "Exceptions" will not open and often will give me a message that I have to allow cookies. Maybe I'm confused but I thought that the "Exception" list was meant to be a list of sites you are allowing to create cookies while all others will be blocked from doing so. That's certainly been the way it's been working for me until very recently. Thanks again.
jscher2000
  • Top 10 Contributor
8579 個解決方法 70146 個答案

Hi canadajohn, there are multiple kinds of "permissions" you can set for cookies:

  • Allow
  • Allow for Session (does not survive a shutdown)
  • Block

Do all of the listed sites have the "Allow" permission? And the relevant protocol (http:// for HTTP sites and https:// for HTTPS sites)?

Note: the attached was a brief test in a new profile. I didn't test any sites that demand you accept cookies, which probably would have been a good idea.

Hi canadajohn, there are multiple kinds of "permissions" you can set for cookies: * Allow * Allow for Session (does not survive a shutdown) * Block Do all of the listed sites have the "Allow" permission? And the relevant protocol (http:// for HTTP sites and https:// for HTTPS sites)? Note: the attached was a brief test in a new profile. I didn't test any sites that demand you accept cookies, which probably would have been a good idea.
jscher2000
  • Top 10 Contributor
8579 個解決方法 70146 個答案

Also, you should not have "Cookies" checked in the clear history settings if you want them to carry over to your next session.

Also, you should not have "Cookies" checked in the clear history settings if you want them to carry over to your next session.
canadajohn 0 個解決方法 6 個答案

Hi.

Here's an image of my exceptions page. It used to be full but since I lost them all I've only added these two.

Hi. Here's an image of my exceptions page. It used to be full but since I lost them all I've only added these two.
jscher2000
  • Top 10 Contributor
8579 個解決方法 70146 個答案

有幫助的回覆

Hi canadajohn, for Facebook, it should be

https://facebook.com

(using HTTPS instead of HTTP)

Do you have any other software that cleans up browser data? (For example, CCleaner or Advanced SystemCare.) If so, set it not to touch your Firefox data.

Hi canadajohn, for Facebook, it should be https://facebook.com (using HTTPS instead of HTTP) Do you have any other software that cleans up browser data? (For example, CCleaner or Advanced SystemCare.) If so, set it not to touch your Firefox data.
canadajohn 0 個解決方法 6 個答案

Hi.

Adding that "S" worked for Facebook but not for the other site, which is my bank login. But I recall now that I've has problems accessing that bank login with Firefox before and more than once have had to use Safari.

I realized this Mozilla site needs access to cookies too, so when I added it to the "Exceptions" list it's also worked when "Block cookies and site data" is selected.

So seems the problem was that missing "S" (and that the problem with my bank site is another matter). I'll have to check for that "S" when I add more sites to the exception list as the Facebook site appeared as only http by itself when I typed "Faceboook.com" in the space at the top of the "Exceptions" page.

Also, in the "History" section I've reverted to "Always use private browsing mode", which is where it was before and that has created no problems.

Thanks, looks like you've solved my problem! I guess though that why my long list of exceptions disappeared one day will have to remain a mystery.

John

Hi. Adding that "S" worked for Facebook but not for the other site, which is my bank login. But I recall now that I've has problems accessing that bank login with Firefox before and more than once have had to use Safari. I realized this Mozilla site needs access to cookies too, so when I added it to the "Exceptions" list it's also worked when "Block cookies and site data" is selected. So seems the problem was that missing "S" (and that the problem with my bank site is another matter). I'll have to check for that "S" when I add more sites to the exception list as the Facebook site appeared as only http by itself when I typed "Faceboook.com" in the space at the top of the "Exceptions" page. Also, in the "History" section I've reverted to "Always use private browsing mode", which is where it was before and that has created no problems. Thanks, looks like you've solved my problem! I guess though that why my long list of exceptions disappeared one day will have to remain a mystery. John

由 canadajohn 於 修改

wjm263 0 個解決方法 8 個答案

Sites exist which set cookies using multiple names. For example the site www.foo.com may also set cookies as a.foo.com or foo.com/xx and such. With Chrome one can set the exceptions as:

[*.]foo.com

and it will reject anything remotely like foo.com Is there some similar protocol in Firefox? I haven't been able to stumble into one.

Basically I'd like to set the exception for anything with "foo" in the cookie name. Thanks.

Sites exist which set cookies using multiple names. For example the site www.foo.com may also set cookies as a.foo.com or foo.com/xx and such. With Chrome one can set the exceptions as: [*.]foo.com and it will reject anything remotely like foo.com Is there some similar protocol in Firefox? I haven't been able to stumble into one. Basically I'd like to set the exception for anything with "foo" in the cookie name. Thanks.

由 wjm263 於 修改

jscher2000
  • Top 10 Contributor
8579 個解決方法 70146 個答案

Hi wjm263, try this:

Does creating an Allow or Allow for Session exception for the base domain permit the subdomains like www.example.com as well?

Hi wjm263, try this: * https://example.com => Allow or Allow for Session * http://example.com => Allow or Allow for Session (if desired) Does creating an Allow or Allow for Session exception for the base domain permit the subdomains like www.example.com as well?
wjm263 0 個解決方法 8 個答案

Entering http://foo.com for "Allow for Session" still allows http://a.foo.com, or a million other variants to save permanent cookies.

Entering http://foo.com for "Allow for Session" still allows http://a.foo.com, or a million other variants to save permanent cookies.
jscher2000
  • Top 10 Contributor
8579 個解決方法 70146 個答案

wjm263 said

Entering http://foo.com for "Allow for Session" still allows http://a.foo.com, or a million other variants to save permanent cookies.

I'm sorry, for some reason I thought you wanted to ALLOW cookies from foo.com and its subdomains. If you want to BLOCK them then enter a block exception instead. Then please use the Manage Data button to remove the current cookies before re-testing.

''wjm263 [[#answer-1158858|said]]'' <blockquote> Entering http://foo.com for "Allow for Session" still allows http://a.foo.com, or a million other variants to save permanent cookies. </blockquote> I'm sorry, for some reason I thought you wanted to ALLOW cookies from foo.com and its subdomains. If you want to BLOCK them then enter a block exception instead. Then please use the Manage Data button to remove the current cookies before re-testing.
wjm263 0 個解決方法 8 個答案

I'm trying to "Allow for Session" as my note said. Not block.

Anyhow, it's become moot. I came back to Firefox a couple months ago after Chrome made an "improvement" which made it unusable for me. So due to this problem I've checked back and they fixed the problem again in the most recent release. So rather than continuing to fight with Firefox, I'm back to Chrome now.

Thanks for trying. IMHO Firefox desperately needs the ability to stick wild cards into the site names for Cookies. Otherwise the various places have learned to work around the restrictions I enter.

I'm trying to "Allow for Session" as my note said. Not block. Anyhow, it's become moot. I came back to Firefox a couple months ago after Chrome made an "improvement" which made it unusable for me. So due to this problem I've checked back and they fixed the problem again in the most recent release. So rather than continuing to fight with Firefox, I'm back to Chrome now. Thanks for trying. IMHO Firefox desperately needs the ability to stick wild cards into the site names for Cookies. Otherwise the various places have learned to work around the restrictions I enter.