Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

"network.cookie.cookieBehavior" setting

  • 19 uphendule
  • 0 zinale nkinga
  • 41 views
  • Igcine ukuphendulwa ngu Adam

more options

per the title, I'm looking at 2 settings:

1) network.cookie.cookieBehavior 2) network.cookie.lifetimePolicy

I'm not a web dev, but I'd like to know all I can about these 2. my goal is to never be bothered by any site about verifying my identity. I realize that you can't get rid of all of it, but some people know what they're doing and some don't. for instance, I have an AMEX account and they *never* ask me for anything because they already know everything, like google. But they are seriously a high quality bank. on the other hand, my local credit union bothers me everytime is I dump the "cache/entries" dir in win 10. Is there anyway to get what I want? thanks!

Adam

(my current settings for these 2 specs are in the images below. as you can see, the behavior is set to "new cookie jar policy")

Ama-screenshot ananyekiwe

All Replies (19)

more options

my apologies, I suppose I shouldn't have said "verifying my identity". rather, I should have said " I don't want to have to plug 6 digit codes in that are sent to my phones". I have other security in place. credit cards specifically. they cover you anyway, so texting to phones is a waste of time and I'm not an ignorant computer user. thanks.

Helpful?

more options

Adam said

on the other hand, my local credit union bothers me everytime is I dump the "cache/entries" dir in win 10.

Hi Adam, what is that process you're referring to? Firefox's storage locations usually wouldn't be affected by clearing system folders, but perhaps there is something new I'm not aware of.

Your settings --

  • network.cookie.cookieBehavior => 4
  • network.cookie.lifetimePolicy => 0

-- are the baseline and are compatible with retaining authentication cookies as well as all other cookies.


Other possible reasons to lose cookies between sessions:

Add-ons

Several add-ons directly edit/remove cookies. You can view, disable, and often remove unwanted or unknown extensions on the Add-ons page. Either:

  • Ctrl+Shift+a (Mac: Command+Shift+a)
  • "3-bar" menu button (or Tools menu) > Add-ons
  • type or paste about:addons in the address bar and press Enter/Return

In the left column of the Add-ons page, click Extensions. On the right side, find the "Manage Your Extensions" heading.

If there is at least one extension before the next heading -- "Recommended Extensions" -- please continue:

Then cast a critical eye over the list below that heading. Any extensions Firefox installs for built-in features are hidden from this page, so everything listed here is your choice (and your responsibility) to manage. Anything possibly related to cookies here?

Cleaners

Programs like CCleaner and Advanced System Care may remove browser data at system startup or even between Firefox sessions without a startup.

Helpful?

more options

yeah hi there,

nothing you said applies to me. i don't like saying that, but it's true. i attached images. cCleaner settings for FF. and none of them have ever required re-auth from the banks. it only happened when I changed the cookie behavior specs from the configs menu. but now that you say it is back to the norm, i will check for the behavior to re-appear. thanks. any comments on the images? i don't use ext's or add-ons. they only add more pain to the process. I do everything by intelligence. I don't need the help of tech "pros" in the form of 3rd party companies. LOL. they are people to stay away from, if you this man's opinion. they never cover all the bases, and a lot of them are in big cities. here's the BAT code:

@echo off echo Deleting firefox cache entries... del /Q C:\Users\uDir\AppData\Local\Mozilla\Firefox\Profiles\dddddddddd.default-release\cache2\entries\*.*

echo Deleting personality-provider... rd "C:\Users\uDir\AppData\Local\Mozilla\Firefox\Profiles\dddddddddd.default-release\personality-provider" /S /Q

echo Deleting safebrowsing... rd "C:\Users\uDir\AppData\Local\Mozilla\Firefox\Profiles\dddddddddd.default-release\safebrowsing" /S /Q

echo Deleting startupCache... rd "C:\Users\uDir\AppData\Local\Mozilla\Firefox\Profiles\dddddddddd.default-release\startupCache" /S /Q

echo All firefox data has been deleted. exit

thanks for the help. you're pretty common sense, intelligent. that's appreciated! =)

Helpful?

more options

by the way, I bet you didn't know this? cCleaner has code in it to prevent screen snipping in windows 10. either that, or it is windows doing it. I wonder what it could be....the print screen button still works with it.

Helpful?

more options

So far, I don't see anything that could explain selectively losing one bank's cookies and not another's.

While you are on your CU site, you can open the Storage Inspector tool (Shift+F9) and check that the cookies have far off expiration dates. Sometimes you need to add the Expires column (right-click any other column heading to choose columns). If the site is setting Session cookies, that would explain it; maybe they have a "remember me" checkbox you need to tick.

https://developer.mozilla.org/docs/Tools/Storage_Inspector

Helpful?

more options

what can you see in the attached images? I can tell you this...I have 3rd party cookies blocked (as shown in image 2). as in, the config setting for "allow 3rd party" is shut off. and in the image, this bank is using "okta", which is here:

https://www.okta.com/

and that is nothing more than an authentication service. if all they are doing is issuing cookies and tokens, that's not much of a service! sounds like a typical corporation. ha ha. and a typical corporate buyer! they have no clue what they're buying. you think? sell for $5 million, but there really is no service involved. they are just good salespeople? after all, national bank of Omaha is not american express. I have an AMEX card too, and I can tell you that AMEX does not use 3rd party deployments because their site works just fine for me even though I have 3rd party cookies blocked. =) so, would you suggest turning 3rd party cookie allowances back on so I don't get annoyed with authentication text message requirements? thanks.

Adam

Okulungisiwe ngu Adam

Helpful?

more options

what can you see in the attached images? I can tell you this...I have 3rd party cookies blocked (as shown in image 2). as in, the config setting for "allow 3rd party" is shut off. and in the image, this bank is using "okta", which is here:

https://www.okta.com/

and that is nothing more than an authentication service. if all they are doing is issuing cookies and tokens, that's not much of a service! sounds like a typical corporation. ha ha. and a typical corporate buyer! they have no clue what they're buying. you think? sell for $5 million, but there really is no service involved. they are just good salespeople? after all, national bank of Omaha is not american express. I have an AMEX card too, and I can tell you that AMEX does not use 3rd party deployments because their site works just fine for me even though I have 3rd party cookies blocked. =) so, would you suggest turning 3rd party cookie allowances back on so I don't get annoyed with authentication text message requirements? thanks.

Adam

Helpful?

more options

Note that there is no need to clear the startup cache as that causes Firefox to take more time to startup and this folder will be recreated anyway.

Clearing the safebrowsing folder will cause Firefox to download all this content every time you start Firefox and that will cause extra internet traffic as you can see by the file size of this folder.

You can use "Clear history when Firefox closes" to clear the disk cache and have the same effect of clearing the cache2 folder as you can check.

Helpful?

more options

Corel,

I don't want to sound like the smartest guy in the world, but I don't use any corporate tools to monitor safety or malware possibilities. And the reason I don't is because the questions I post are all about non-networked machines. And even though I use them in my business, yes, I have nothing that is worth stealing and I have no money sources on my machines either. The only thing I'm looking for is how to speed up this browser as fast as possible.

I don't use add-ons and I don't use extensions. And for good reason. And again, I don't want to sound like the smartest person ever, but I use my own brain, and always will, to detect illegitimate communication from anywhere in the world. And the reason I do that is because it's incredibly easy to spot if you know how this world works. As a matter of fact, my own website says all of this on the front page because I've got a million backup sources and I checked daily, my account, for illegitimate traffic and manually delete everything through queries.

As a side note, I once checked with GoDaddy agents to ask them what all of the WordPress page hits on the backend dashboard homepage we're all about on one of my servers. And I asked them if that was everybody living under the cement in big cities trying to hack into people using wordpress. The answer was yes. So that goes to show you right there how much damage corporate people and government people have done even though we don't see these people above ground ever.

Helpful?

more options

First party isolation doesn't block third party cookies. It silos them. So Okta cookies set on the bank site are not sent to Okta when their scripts/images/etc. are embedded on other sites.

To see whether the Okta cookies are persistent within the silo, click it in the left column to list their cookies.

Helpful?

more options

Then I guess it begs the question, why am I still getting text message verification requests? As I've said I hope, the overall goal here is to completely ditch those requests and never ever get them. That wastes my time, and as I've already said, I use my own brain to decide what's legitimate and what isn't. I don't need authentication of anything, specifically from banks, because they protect you by default anyway! So what's the purpose of extra protection if your money is protected by human beings working at the bank!?

Regarding the silo, are the cookies the reason for this? Because, if I'm not mistaken, I believe that cookies are generally set for a specific amount of days before they were expire, correct? And they are sent by the developers at the vendor, correct?

Helpful?

more options

Adam said

Regarding the silo, are the cookies the reason for this? Because, if I'm not mistaken, I believe that cookies are generally set for a specific amount of days before they were expire, correct? And they are sent by the developers at the vendor, correct?

When sites respond to a request, they can set a Set-Cookie header. The cookies set can be session only or can be persistent, it's up to the web app. https://developer.mozilla.org/docs/Web/HTTP/Cookies

Helpful?

more options

j,

you certainly have good links. can you point me to a top-level dir or page that can give me pointers/links to every page of KBs that this website for mozilla has? I can probably get more info and learn more from this place than I can from SO! thanks.

Adam

Helpful?

more options

Hi Adam, I don't know whether there is an index of every page, but the top level for Firefox is here:

https://support.mozilla.org/products/firefox

MDN pages are sometimes linked from here, but more often not since that site is directed toward developers:

https://developer.mozilla.org/

Helpful?

more options

There is a full index, but there are a lot of pages (currently 39) that include redirects and obsolete pages, so if you have a lot of time to spare... :LOL:

For other languages replace 'en-US' with its language code:

For info about prefs, usually what works best is to search the Firefox source code and read comments.

Helpful?

more options

Okay thanks you guys. I will take a look at all of that when I have time. By the way jefferson, is this correct?

MDN = Mozilla developer Network

Helpful?

more options

And cor el, I assume you left this link for me because you understand that I know what I'm doing?

https://searchfox.org/mozilla-release/search?q=

You obviously left out the query string! Lol.

That's for me to fill in correct?

Helpful?

more options

Helpful?

more options

cor-el said

You can simply paste search terms or a pref name in the search box or add the text to the 'q' parameter.

but of course, I already knew this. =)

very helpful ce. thanks much. i will notify you both if and when I need more help. there's much reading to do here.

Okulungisiwe ngu Adam

Helpful?

Buza umbuzo

Kufanele ulogele ukungena ku-akhawunti yakho ukuze uphendule amaphosti. Uyacelwauqale umbuzo omusha, uma ungekabi nayo i-akhawunti namanje.