Hilfe durchsuchen

Vorsicht vor Support-Betrug: Wir fordern Sie niemals auf, eine Telefonnummer anzurufen, eine SMS an eine Telefonnummer zu senden oder persönliche Daten preiszugeben. Bitte melden Sie verdächtige Aktivitäten über die Funktion „Missbrauch melden“.

Weitere Informationen

Do I need to add separate cookie exceptions for HTTP and HTTPS?

  • 2 Antworten
  • 1 hat dieses Problem
  • 1 Aufruf
  • Letzte Antwort von P1h3r1e3d13

more options

In the “Exceptions - Cookies and Site Data” dialog (Options > Privacy & Security > Cookies and Site Data > Exceptions), entering a domain as “foo.example.com” creates an entry for “http://foo.example.com”. Explicitly entering “https://foo.example.com” creates an entry for “https://foo.example.com”.

I don't really know how cookies work with HTTP/S. Is it useful to have an entry for each protocol? Or does the “http://...” entry cover both already? If both are necessary, is there a way to add and remove them together, automatically? It seems like a pretty unlikely case to want different rules per protocol.

In the “Exceptions - Cookies and Site Data” dialog (Options > Privacy & Security > Cookies and Site Data > Exceptions), entering a domain as “foo.example.com” creates an entry for “http://foo.example.com”. Explicitly entering “https://foo.example.com” creates an entry for “https://foo.example.com”. I don't really know how cookies work with HTTP/S. Is it useful to have an entry for each protocol? Or does the “http://...” entry cover both already? If both are necessary, is there a way to add and remove them together, automatically? It seems like a pretty unlikely case to want different rules per protocol.

Ausgewählte Lösung

Well, the exception needs to match the site. In some cases, a site may support both HTTP and HTTPS access. In that case, you need to add both.

For many years, Firefox did not care what protocol was used with a site, the permissions would apply regardless. However, at some point it was decided that perhaps you might only want to grant permission for something when the site was using a secure connection, so now the protocol is required.

(I use the more general term permissions because the same approach applies to location/GPS access, microphone/camera access, and ability to set cookies, among others.)

Perhaps you can find an add-on which makes it easier to add both at once?

Diese Antwort im Kontext lesen 👍 1

Alle Antworten (2)

more options

Ausgewählte Lösung

Well, the exception needs to match the site. In some cases, a site may support both HTTP and HTTPS access. In that case, you need to add both.

For many years, Firefox did not care what protocol was used with a site, the permissions would apply regardless. However, at some point it was decided that perhaps you might only want to grant permission for something when the site was using a secure connection, so now the protocol is required.

(I use the more general term permissions because the same approach applies to location/GPS access, microphone/camera access, and ability to set cookies, among others.)

Perhaps you can find an add-on which makes it easier to add both at once?

more options

Thanks, that clears it up.

Hmm, maybe this is a candidate for for a UI bug. Checkboxes or something for “HTTP/HTTPS/both” would help a lot and make sense in modern usage.