搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

How do I configure Firefox to always allow all session cookies but no other cookies?

  • 3 个回答
  • 3 人有此问题
  • 1 次查看
  • 最后回复者为 cor-el

more options

In IE, there is an option to "Always Allow Session Cookies".

So I have IE set up to always block First Party Cookies and always block Third Party Cookies but always allow Session Cookies.

Then I use the cookie exception list if I need to allow any other cookies that do not fall into those three categories.

In Firefox, I can use the cookie exception list to specify individual session cookies and then select "Allow For Session" but they must all be listed individually - I want Firefox to allow ALL session cookies but block ALL first party and block ALL third party cookies, then I can use the cookie exception list if needed.

I'm sorry if the answer to this is obvious or answered elsewhere but I have spent a lot of time searching and have not found it.

Thank you in advance to anyone willing to help me with this!

In IE, there is an option to "Always Allow Session Cookies". So I have IE set up to always block First Party Cookies and always block Third Party Cookies but always allow Session Cookies. Then I use the cookie exception list if I need to allow any other cookies that do not fall into those three categories. In Firefox, I can use the cookie exception list to specify individual session cookies and then select "Allow For Session" but they must all be listed individually - I want Firefox to allow ALL session cookies but block ALL first party and block ALL third party cookies, then I can use the cookie exception list if needed. I'm sorry if the answer to this is obvious or answered elsewhere but I have spent a lot of time searching and have not found it. Thank you in advance to anyone willing to help me with this!

被采纳的解决方案

reyxlp said

In IE, there is an option to "Always Allow Session Cookies".

So I have IE set up to always block First Party Cookies and always block Third Party Cookies but always allow Session Cookies.

This is a little strange for sites: they send a number of cookies, but IE ignores some and returns a subset? Does this feature really work the way the dialog describes? Hmm...

In Firefox, I can use the cookie exception list to specify individual session cookies and then select "Allow For Session" but they must all be listed individually - I want Firefox to allow ALL session cookies but block ALL first party and block ALL third party cookies, then I can use the cookie exception list if needed.

No, Firefox doesn't have that feature.

What I suggest is to set Firefox to limit ALL cookies to session cookies, and then make site-specific exceptions for sites you want to remember you between sessions. And/or you can block sites that should never set cookies.

To do this:

Setting Default Cookie Behavior

"3-bar" menu button (or Tools menu) > Options

In the left column click Privacy. On the right side, if you have "Firefox will: Remember history" change that to "Firefox will: Use custom settings for history".

Change "Keep until: they expire" to "Keep until: I close Firefox"

This won't clear existing persistent cookies, but will affect new cookies that are set going forward.

Modifying Site-Specific Cookie Permissions

You can use the Permissions panel of the Page Info dialog to modify permissions for the site listed in the address bar, but there's no convenient way to set permissions for third party cookies. For that I suggest using the Cookie Monster extension.

The Cookie Monster button on the toolbar allows you to see which third party cookies have which permissions and to change them.

https://addons.mozilla.org/firefox/addon/cookie-monster/

Sample screen shot attached -- the option to "Apply cookie settings to both HTTP and HTTPS" is turned on, which streamlines the menu. With this option you don't have to set/modify permissions for both HTTP or HTTPS on the same site (why would they be different?).

定位到答案原位置 👍 2

所有回复 (3)

more options

选择的解决方案

reyxlp said

In IE, there is an option to "Always Allow Session Cookies".

So I have IE set up to always block First Party Cookies and always block Third Party Cookies but always allow Session Cookies.

This is a little strange for sites: they send a number of cookies, but IE ignores some and returns a subset? Does this feature really work the way the dialog describes? Hmm...

In Firefox, I can use the cookie exception list to specify individual session cookies and then select "Allow For Session" but they must all be listed individually - I want Firefox to allow ALL session cookies but block ALL first party and block ALL third party cookies, then I can use the cookie exception list if needed.

No, Firefox doesn't have that feature.

What I suggest is to set Firefox to limit ALL cookies to session cookies, and then make site-specific exceptions for sites you want to remember you between sessions. And/or you can block sites that should never set cookies.

To do this:

Setting Default Cookie Behavior

"3-bar" menu button (or Tools menu) > Options

In the left column click Privacy. On the right side, if you have "Firefox will: Remember history" change that to "Firefox will: Use custom settings for history".

Change "Keep until: they expire" to "Keep until: I close Firefox"

This won't clear existing persistent cookies, but will affect new cookies that are set going forward.

Modifying Site-Specific Cookie Permissions

You can use the Permissions panel of the Page Info dialog to modify permissions for the site listed in the address bar, but there's no convenient way to set permissions for third party cookies. For that I suggest using the Cookie Monster extension.

The Cookie Monster button on the toolbar allows you to see which third party cookies have which permissions and to change them.

https://addons.mozilla.org/firefox/addon/cookie-monster/

Sample screen shot attached -- the option to "Apply cookie settings to both HTTP and HTTPS" is turned on, which streamlines the menu. With this option you don't have to set/modify permissions for both HTTP or HTTPS on the same site (why would they be different?).

more options

Yes, I think IE's dialog is confusing. In IE8, checking the "Always allow session cookies" seems to override the Block on First party cookies and simply converts first party cookies to session cookies. This is similar to the option I mentioned in Firefox.

Screen shot attached for a test using the following page: https://jeffersonscher.com/res/cook.html

more options

You can set network.cookie.thirdparty.sessionOnly to true on the about:config page to make third-party cookies behave as session cookies that expire when Firefox is closed.

You can open the about:config page via the location/address bar. You can accept the warning and click "I'll be careful" to continue.


See also the Firefox source code.