Thread: Blocking Cookies Causes Problem
View Single Post
  #2 (permalink)  
Old 05-08-2009
VanguardLH
 

Posts: n/a
Re: Blocking Cookies Causes Problem
Nimmer wrote:

> I am not sure if this can be controlled by the browser or is totally up to
> the web sites.
>
> I have my browser set to accept 1st party cookies, prompt for 3rd party
> cookies, and always allow session cookies. When I am just browsing a site
> (not ready to buy) I block cookies every time I am prompted. Most sites have
> no problem with me doing this each and every time the privacy alert shows up.
> When I get tired of doing this multiple times I will check the "Apply my
> decision to all cookies from this website" and then block the cookie. Some
> sites have no problem with this. Other sites will not longer function
> correctly. I am guessing that this is because the check box means that it
> will also block 1st party and session cookies.
>
> My suggestion is to make this so that checking the box will act like I am
> continually clicking the block button instead of some other behavior. (If my
> guess is right, then checking the box should only apply to 3rd party cookies
> due to the preferences that I have allready set.)
>
> ----------------
> This post is a suggestion for Microsoft, and Microsoft responds to the
> suggestions with the most votes. To vote for this suggestion, click the "I
> Agree" button in the message pane. If you do not see the button, follow this
> link to open the suggestion in the Microsoft Web-based Newsreader and then
> click "I Agree" in the message pane.
>
> http://www.microsoft.com/communities...orer. general

The fear of 3rd party cookies is that they could be use to track your
web navigation. The web browser ensures that only the domain recorded
inside the cookie is the domain that can access the cookie. So the
domain you are at cannot use the 3rd party cookie that it creates. But
if you navigate elsewhere then that cookie may become a 1st party cookie
(i.e., the domain to which you navigate is the domain recorded inside
the cookie). They can they read the cookie to see what info was
recorded in it by the prior domain. 3rd party cookies are of no concern
until you navigate away from a domain. Cookies are old as regards their
use for tracking your web navigation. After all, any site to which you
connect can add your info to a database that is shared amongst the
affiliates of that web site. Nothing on your host needs to be recorded,
like in a cookie .txt file, for them to track you on the web.

Since you are blocking all 3rd party cookies (by getting prompted and
then blocking them), why not just block them all the time? If you hit a
site that you often visit then add their domain as Allowed in the cookie
list. If a site doesn't want to cooperate with their content providers
regarding a common database of tracking info (and why sites still use
cookies to track you) then you probably never want any 3rd party
cookies. There are some sites that are comprised of several domains
hence their cookies may appear to be 3rd party cookies. If a "good"
site needs to use their 3rd party cookies, like when bouncing you around
to their different domains as you navigate their services, then just add
their domains to the Allow list.

You must have a lot more patience than I. Continually and often getting
prompted at a site to allow a 3rd party cookie would, to me, be a waste
of my time. I allow 1st party cookies, BLOCK all 3rd party cookies, and
allow per-session cookies. I used to have only a couple domains listed
in the Allow cookie list for those sites that bounced me around to their
different domains to use their services (like for webmail services).
After awhile, they fixed that problem and I no longer have any entries
in my Allow list.

Allowing 1st party cookies means you get stuck with a lot of cookies
from one-visited or rarely-visited sites. While their cookies may be
needed to enable full functionality of their web site, that doesn't mean
that I want their cookies lingering around after the web session ends.
I'm not there anymore and don't need their cookies lingering on my host.
When I visit there next time, they'll recreate their cookie. So I use
whitelisting to eliminate most 1st party cookies after the web browser
exits. PopUpCop (now free) not only provides better popup control than
what is included in IE and for many other popup blockers but it includes
a cookie whitelist feature. If a domain isn't in the whitelist, its
cookies get deleted when the web browser exits. This, in effect, forces
all non-whitelisted cookies to be per-session cookies. I only whitelist
those cookies at those domains that I frequent and whose cookies I want
to keep around, usually for forums to facilitate login (but not for my
banks where I always want to enter the login credentials). I am not
currently using PopUpCop with IE8 so I haven't tested its compatibility
with IE8. If I were to use it with IE8, I would configure IE8's
browsing history to delete everything except cookies (plus I would
disable the Preserve option which keeps TIF data for sites in your
Favorites list). That's because I would use PopUpCop's whitelisting
feature to purge the non-whitelisted cookies instead of using IE8's
delete function. So I would allow per-session cookies in IE8, block all
3rd party cookies, and allow all 1st party cookies but have PopUpCop
purge the non-whitelisted 1st party cookies.
Reply With Quote