Third party cookies are not blocked
-
I have third party cookies blocked in settings, and yet I still see google cookies on other websites like the nytimes.com. What gives?
-
Also, cookies from google.com are still being set even though I have blocked all cookies, and explicitly blocked cookies from google.com
-
have you checked the chromium settings also.?.Not sure if those have an effect.
Should this setting be not enabled by default.?I use an extension."cookie autodelete." and it does a fabulous job and clears local storage too.
-
I don't have this issue. I block third party cookies and I don't see any google cookies when visiting The New York Times.
-
I think I've figured out what is going on. When you click the padlock and then Cookies, you see a list of cookies in use. You can block domains here, and then they appear in the blocked list. What this actually does is add an exception in the Chromium settings. If you then click Allow from the blocked list, it adds a competing exception in the Chromium settings, but does not remove it from the block list, rather it appears in both the block and allow lists. Then that domain appears in both the Allowed and Blocked tabs, and the Allow exception takes precedence.
Furthermore, if a domain is in the Allow list, it allows it as a third party cookie as well, not just a first party. So if you are allowing cookies by default but blocking third party cookies, you can make it work correctly by manually removing domains from the block list, rather than clicking Allow. However, what I would like to do is block all cookies by default, and add exceptions to the Allow list, but this disables third party cookie blocking for those domains that I want to allow on a first party basis.
-
@zook Good on you for doing some detective work on your own
@zook said in Third party cookies are not blocked:
Then that domain appears in both the Allowed and Blocked tabs, and the Allow exception takes precedence.
I don't think this is correct. I just tried with the BBC news site, and it tries to set a bunch of 3rd party cookies. I block these by default, but I tried to set
[*.]doubleclick.netto Allow and then Block, and it did not remain in Allow.Make sure you have the same specific rules, for instance
[*.]google.comandwww.google.comis not the same rule so will be treated differently.I would like to do is block all cookies by default, and add exceptions to the Allow list, but this disables third party cookie blocking for those domains that I want to allow on a first party basis.
Yes, in this case the Allow rule will also mean 3rd party cookies from that domain will be allowed. It's unfortunate there is no way to say "I only want to allow 1st party cookies from Google but not allow 3rd party".
I think the best way at the moment is allow all, block 3rd party, and use an extension like Cookie Autodelete to delete cookies once a tab is closed. Then add an Allow exception for those sites where you need 3rd party cookies for things like Single-sign-on, for instance
vivaldi.net.This way most sites will still work, and they won't be able to use cookies to track you (at least to a great extent). Of course, these days they have other ways to track users regardless of cookies, but that's another discussion...
-
I don't think this is correct.
So, it turns out it does actually move that particular rule from allow to block and vice versa, removing the old entry, but when there are competing rules between
[*.]google.comand[*.]www.google.com, weird behavior results. Once I figured out that[*.]google.comis a catch-all for subdomains it started making more sense.Your strategy is the best one I can come up with. I looked around for an extension to block third party cookies but can't find one that actually blocks them, they just delete them (UltraBlock) or prevent retrieval (uMatrix).
Maybe I'll make a feature request to only whitelist domains for first party cookies.
modedit fixed broken cookie rule example and put it as Markdown Inline Code
-
Hi,
Try doing your test on a Clean Profile.
There you can start completely without Cookies and easily check what happens.--
"Off Topic Tip"
Follow the Signature's Backup | Reset link.
Take the opportunity to start a Backup plan and even create a Template Profile.
Windows 7 (x64)
Vivaldi Backup | Reset -
@Zalex108 Thanks for the suggestion, however if you read the whole thread we've figured out what's going on. Allowing a blocked cookie domain through the UI adds it to the allow list instead of simply deleting it from the block list, and this exception applies to both first party and third party cookies.
-
Yes,
But despite I've assumed per some post, you've know what you are doing:-
Using a Clean Profile, assures any previous Cookie doesn't exist.
-
Any step is as it is, no extension or other settings involved changing the behavior.
Then you can "import" the rules and / or delete the profile if necessary on a "catastrophe".
That way is easy to manage how it works, what happens and don't mess your Default Custom Profile.
-
-
Ppafflick moved this topic from Vivaldi for Windows on
