3rd Party Cookies Issue
I have enjoyed using Firefox for quite some time now, it is my favorite browser. However, recently, for a reason I cannot explain, I have been getting error messages on my school's online learning system that blocks me from watching any videos in the course. The error message reads as followed- "It seems your browser is blocking 3rd party session cookies which are required for the Kaltura application. To resolve this issue, please update your settings to allow 3rd party cookies." ( For reference i guess, I go to IU which uses Canvas as an online learning platform. I haven't heard of anyone else having this issue)
I was very confused seeing this, because I hadn't recently changed or messed with any settings, I haven't downloaded any new security plug ins, but I went into my settings anyway to try and unblock all cookies using a custom settings option, under "Enhanced Tracking Protection" in settings. Reload my pages, restarted my browser, and no luck either time. I'm very confused as to why I'm seeing this error message, and it is getting in the way of my schoolwork at this point. I would LOVE to not have to download Chrome, so please help me thank you
All Replies (2)
Try turning off Enhanced Tracking Protection altogether for the website causing issues. On the website, click the shield icon to the left of the address bar and toggle Enhanced Tracking Protection off.
Another issue could be that the browser is be set to block cookies from that specific website. To fix this: 1. Type about:preferences#privacy in the address bar 2. Under Cookies and Site Data, choose Manage Exceptions 3. Choose Remove All Websites. This will clear all preferences to block or allow cookies from specific websites. You can also enter the learning system's address (e.g. www.domain.com or subdomain.domain.com) and choose Allow to make sure cookies from that website are allowed.
Firefox 96 made three changes related to cookies. Other users of Canvas/Kaltura have reported issue #1 on the following list, and it's pretty quick to change a setting to test that.
(1) More restrictions on sending cookies with requests launched from a different site
This scenario is that you start on site1 and then click a button or link that submits a login form or other data to site2 where some information needs to be shared between them. If the server does not specify the SameSite setting for its cookies, Firefox changed from treating it as SameSite=None (allow sending the cookie on requests launched from other sites) to SameSite=Lax (does not send cookies with requests launched from other sites).
Servers may complain that third party cookies are blocked, but that is not really what is happening.
Users have confirmed two different servers with this issue so far:
(i) iCloud: https://support.mozilla.org/questions/1364242 (ii) Canvas/Kaltura
In case this problem is caused by older cookies you stored for the site, you can try clearing them. Otherwise there's a workaround below the line below.
(2) If the cookie was set on an HTTPS page, it is not automatically passed to HTTP pages on the same server
In other words, SameSite consider the protocol (scheme) as well as the host name. This is a problem for older sites that use HTTP for most pages but do the login over HTTPS. Example: https://www.reddit.com/r/firefox/comments/s3iych/south_korea_cant_sign_in_to_some_websites_after/
Note: a hotfix was released Friday to revert change #2.
(3) If the server specifies that third party cookies are okay by setting SameSite=None, this is only honored for HTTPS pages, not HTTP pages
I don't know whether this is causing problems on any sites.
How to test whether this is issue #1:
(A) In a new tab, type or paste about:config in the address bar and press Enter/Return. Click the button accepting the risk.
More info on about:config: Configuration Editor for Firefox. The moderators would like us to remind you that changes made through this back door aren't fully supported and aren't guaranteed to continue working in the future.
(B) In the search box in the page, type or paste laxByDefault and pause while the list is filtered
(C) Double-click the network.cookie.sameSite.laxByDefault preference to switch the value from true to false
I don't know whether that takes effect immediately or whether you need to quit Firefox and start it up again.
Hopefully we will get a better understanding of how to set site exceptions in the future so you can benefit from this change while using other sites.