Per-domain whitelisting of cookies?



  • Hi,
    this has probably been suggested a lot of times, so just wondering if anyone knows the status of this?

    One of the main things I'd love to see in Vivaldi is something to allow per-domain cookie whitelisting.

    In Firefox I use the excellent "Cookie Monster" add-on which basically does the same as the old Opera 12, I can right-click and choose to allow cookies or not (default). Another great thing about it is the option to temporarily allow cookies for a domain. So if some lame site doesn't work without cookies allowed I can enable it and they will be deleted on shutdown.

    At the moment the "Vanilla" extension does something of the same, but it saves cookies and then deletes them when exiting, which is not ideal. I would want to not save cookies at all unless I specifically allow it for a domain.

    Not that I'm paranoid, I just hate knowing my browser saves cookies I've never allowed it to :)



  • I'm using Cookie Autodelete, which functions very much like Firefox's Self-destructing cookies.

    Note that installing it does not delete all current cookies. If there's a cookie for website X, it won't be deleted until you visit website X and then don't whitelist it. That means all your currently "remember me" cookies won't go away unless you forget to whitelist them.



  • Well, auto-delete of saved cookies like Vanilla and other Chrome-plugins do are OK, but what I'd really like for Vivaldi is to have the option to not save cookies at all, unless explicitly told so for a specific domain.

    Similar to old Opera 12 behaviour. I used to turn off cookies completely and if I found a site I wanted to login to I whitelisted it. Could be a PITA though, for stuff like Hotmail, where you needed to whitelist not only hotmail.com, but also microsoft.com and live.com etc. But worth it for the peace of mind.

    Cookie Monster for Firefox does the same thing, but for Chrome there simply is no add-on for the same functionality, sadly.



  • @Pathduck
    You could block all cookies in Settings --> Privacy --> section "Cookies" than go to vivaldi://chrome/settings/content and add exceptions - or did I misunderstood what you wanted to do?

    In addition you can set block or allow cookies per site.
    Click on the globe on the left side of your address bar and click on the link below cookies - than there should popup a window that lists cookies in use and if they are blocked atm or not.

    (btw you can reach vivaldi://chrome/settings/content also via the Site Settings link in this popup)

    0_1493979581301_globe.png



  • @zaibon Thanks for the information; I wasn't aware you could access the exceptions menu from the address bar like that, good to know! But still a bit too much work to add a site to the exceptions, since I still have to use the standard Chrome exceptions UI.

    But in fact, if Vivaldi added a dropdown to the right of the menu, like this:
    Always Block on this site (default)
    Always Allow on this site
    Temporarily Allow on this site (deleted on exit)

    It would solve most of what I'm asking. The default should be set dependent what is set in the global cookie options. It would be quite similar to what Opera12 used to do, and the Temporarily Allow is a neat feature for those one-visit sites who refuse to work without cookies.

    I do notice that I can go into the site-cookies menu and if default is block, I can explicitly allow them, which is nice. But it would be a lot less clicking if it was just on the menu itself :)



  • I'm not sure I see a significant difference between blocking a site's cookies entirely and allowing them but deleting them at end of session. Assuming, of course, that the browser is configured to block all 3rd party cookies. And temporarily accepting them eliminates the difficulty of figuring out that the reason a site isn't working right is because cookies are being blocked.



  • @FloridaMatt said in Per-domain whitelisting of cookies?:

    I'm not sure I see a significant difference between blocking a site's cookies entirely and allowing them but deleting them at end of session.

    Well, when you block all cookies, each site sees you as a new user every time you visit them*.
    If you only delete them at the end of the browsing session, you can be tracked during said session. For instance, you visit site A and B, and on site C, see ads for products you saw on A or B.
    (Note : this can partially be mitigated* by blocking third-party cookies)

    So for optimum privacy, blocking cookies is better. But not always practical, as @Pathduck said.

    *: Note that now, some sites expect cookies to be blocked and use other fingerprinting methods (web app cache, Flash storage...) ; the browser (I believe Chromium does) also has to consider these as cookies for the block to apply.


Log in to reply
 

Looks like your connection to Vivaldi Forum was lost, please wait while we try to reconnect.