搜尋 Mozilla 技術支援網站

防止技術支援詐騙。我們絕對不會要求您撥打電話或發送簡訊,或是提供個人資訊。請用「回報濫用」功能回報可疑的行為。

Learn More

Firefox privacy settings

more options

I've been trying to configure my laptop to suit my needs, which differs from those on desktop. Basically, I trust both devices due to full-disk encryption, but it's possible to steal my laptop while powered on and unlocked. Hence my laptop approach is strict while adding a few exceptions that rely on successful authentication without remembering passwords.

I find it quite hard to manage exceptions. I've spend a couple of hours reading through this forum as well as numerous FAQs and guides, yet it appears there are a lot of conflicting options that override certain settings. The entire process is pretty counterintuitive and could use an overhaul from a UX perspective, where a simplification of the process might also result in the resources becoming more useful.

Anyway, one of my issues is that it appears I can't use asterisk * when defining URL exceptions for cookie settings. Second, unless explicitly defined, the protocol defaults to http and not https. I guess I should ask what happens before complaining too much. Example time:

1: I add the URL 'example.com' 2: Firefox converts it to 'http://example.com' 3: I add the URL 'https://example.com'

How will each of these exceptions work for the following: https://www.example.com https://this.example.com

And how can I mitigate this without a regex or similar, short of manually adding an extensive list of possible variations in between https:// and .example.com? To clarify, I'll need an exception for something like https://*.example.com

Finally, how is this affected by individual settings in the sections Enhanced Tracking Protection, Cookies and Site Data, and History? Any pitfalls I should be aware of?

I've been trying to configure my laptop to suit my needs, which differs from those on desktop. Basically, I trust both devices due to full-disk encryption, but it's possible to steal my laptop while powered on and unlocked. Hence my laptop approach is strict while adding a few exceptions that rely on successful authentication without remembering passwords. I find it quite hard to manage exceptions. I've spend a couple of hours reading through this forum as well as numerous FAQs and guides, yet it appears there are a lot of conflicting options that override certain settings. The entire process is pretty counterintuitive and could use an overhaul from a UX perspective, where a simplification of the process might also result in the resources becoming more useful. Anyway, one of my issues is that it appears I can't use asterisk * when defining URL exceptions for cookie settings. Second, unless explicitly defined, the protocol defaults to http and not https. I guess I should ask what happens before complaining too much. Example time: 1: I add the URL 'example.com' 2: Firefox converts it to 'http://example.com' 3: I add the URL 'https://example.com' How will each of these exceptions work for the following: https://www.example.com https://this.example.com And how can I mitigate this without a regex or similar, short of manually adding an extensive list of possible variations in between https:// and .example.com? To clarify, I'll need an exception for something like https://*.example.com Finally, how is this affected by individual settings in the sections Enhanced Tracking Protection, Cookies and Site Data, and History? Any pitfalls I should be aware of?

被選擇的解決方法

In the Manage Exceptions dialog, if I enter example.com and click Allow, Firefox adds both:

I'm not sure why your Firefox only adds one of them.

It is my understanding that except in certain situations of strict host name enforcement, you only need the base domain and not every host name the server uses. As an example, I created an Allow exception for https://live.com and Firefox retained persistent cookies for outlook.live.com even with "Delete cookies and site data when Firefox is closed" selected.

Note that in the History section, if you use "Clear history when Firefox closes" you need to uncheck the boxes for

  • Cookies
  • Site Settings -- includes your exceptions, site permissions, zoom levels, etc.
  • Offline website data

because this feature does not honor exceptions and will completely flush those categories of data.

從原來的回覆中察看解決方案 👍 0

所有回覆 (3)

more options

選擇的解決方法

In the Manage Exceptions dialog, if I enter example.com and click Allow, Firefox adds both:

I'm not sure why your Firefox only adds one of them.

It is my understanding that except in certain situations of strict host name enforcement, you only need the base domain and not every host name the server uses. As an example, I created an Allow exception for https://live.com and Firefox retained persistent cookies for outlook.live.com even with "Delete cookies and site data when Firefox is closed" selected.

Note that in the History section, if you use "Clear history when Firefox closes" you need to uncheck the boxes for

  • Cookies
  • Site Settings -- includes your exceptions, site permissions, zoom levels, etc.
  • Offline website data

because this feature does not honor exceptions and will completely flush those categories of data.

有幫助嗎?

more options

Seems like I worried for no reason. Quick suggestion, at least mention that wildcards are included, that would prevent some frustration I think. Or add them automatically, unless you worry that regular users would be confused. It could be mentioned in the documentation as well.

Regarding checkboxes that void or ignore exceptions, the process still feels unnecessarily complicated. It's probably because new features have been added over multiple iterations, tacked onto the about:preferences instead of merging with existing features. I'll suggest a service update that looks into the architectural approach to how settings are applied, making it more intuitive. I know it's hard to assess as a dev, you know how stuff works, the intricate details and all, and that makes it difficult to put yourselves in the shoes of regular users.

Either way, I got what I came for. Thank you very much, I really appreciate it. Keep up the good work.

有幫助嗎?

more options

There is work under way to consolidate the two settings --

  • "Delete cookies and site data when Firefox is closed" [cookie lifetime preference]
  • "Clear history when Firefox closes" [shutdown sanitizer]

-- but since they currently work very differently, it is taking some time.

有幫助嗎?

問個問題

如果您還沒有帳號,您必須先 登入您的帳號 來回覆文章。請 開始一個新問題