cookie management in chromium browsers remains hopeless.
-
a few days ago, in my primary [
Default] snappie profile, i decided to try re-enabling cookies per session again [having been blocking all cookies for ~15 months]. sadly but unsurprisingly, the situation remains as pathetic as ever. Eg:Sites that can never use cookies... bahahahahahahahahaha, yeah, right...
appearing in list of current active cookies, despite the above setting, & despite me already today having manually vaporised these four or five times, & despite me having closed then relaunched vivaldi [which, ofc, should have invoked the ended-session cookie-purge (smiles ironically)].
this craven cookie crap simply does not arise, um... elsewhere...
Look, you've got it all wrong! You don't need to follow me. You don't need to follow anybody! You've got to think for yourselves! You're all individuals!
-
Vivaldi is by default configured to resume the last session, such as tabs, when it starts. Chromium is coded to also include that session cookies are resumed in that configuration.
-
@yngve yes, sure, fine, i know that, thanks. but look at what i wrote... & my pics. i have explicitly told chromium/vivaldi to never use/accept twitter cookies. so afaik, even if one or more of my open-hence-restored tabs has one of those nasty twitter cookies buried in it, chromium/vivaldi should not be ignoring my explicit setting... which clearly it is. i'm so exasperated about this chronic misbehaviour that i now find myself, once again, contemplating reverting to my... alternative browser option
note; i do not use twitter, so these tenacious cookies by definition are embedded in some other sites' tabs.
-
@ybjrepnfr said in cookie management in chromium browsers remains hopeless.:
note; i do not use twitter, so these tenacious cookies by definition are embedded in some other sites' tabs.
Maybe disable third-party cookies? That's what I did years ago.
Sorry, but your screenshots were hidden. Suggestion: include "see screenshot" or similar in the visible text.
In any case you will probably see the same issue in Chrome, and it is something that should be reported to the Chromium team at their bugtracking site (require login). I did not find any report about your issue in a quick search.
-
@yngve said in cookie management in chromium browsers remains hopeless.:
disable third-party cookies?
that's always true, in all my browsers.
@yngve said in cookie management in chromium browsers remains hopeless.:
your screenshots were hidden
only by the "spoiler" function. can't you click the down-arrow to reveal them [which is the intended function]? if not, here's a pic of them, expanded [my OP could not have made much sense to you if you never saw the pics]:
-
@ybjrepnfr From the screenshot, it says that the cookies take up 0 Bytes of space. This may just be a visual bug where the cookies that would have been set are blocked, but still counted as if they were added.
๐ป Windows 10 64-bit Sopranos Builds โข en-GB โข ๐ณ vote for features โข ๐ต๏ธโโ๏ธ Code of Conduct โข ๐ Report bugs
-
@LonM ta, yes, i know, & others have also suggested this when this topic arose in prior years. indeed, it might be correct, but i am so viscerally opposed to cookies by egregious companies like twitter that merely seeing any listing of them here, generates immense angst that i am not being protected. to be clear, for comparison, firefox simply never has this problem. here, in chromium/vivaldi, there is at best ambiguity, if not outright tracking risk, whereas in firefox that simply does not arise.
-
I suspect what might be going on here, is that the "4 cookies" shown are actually Local/Session storage. I've seen it before - the naming of the entry is misleading, it means 4 "entries" of Session/Local Storage, which is not (AFAIK) governed by the browser's "never use cookies" setting (but maybe it should?)
https://www.digitalocean.com/community/tutorials/js-introduction-localstorage-sessionstorageSome other points:
- With the
[*.]twitter.comsetting, the user cannot visittwitter.comat all, as they will get aERR_TOO_MANY_REDIRECTSfor not accepting cookies. - I think we can assume the user is also blocking 3rd-party cookies?
Otherwise, any idea of avoiding tracking is out of the window in any case. - What's important here is what's actually being saved, and this should be checked first.
If Settings > Privacy & Security > Cookies in Vivaldi does not list any cookies from Twitter, there are no cookies from Twitter - If user is persistent in finding out what actually lurks inside the Cookies file (under profile\Network), they can use the Sqlite3 CLI:
sqlite3 Cookies "select * from cookies;"- possibly with agrepif needed. - Twitter embeds on other sites will still load even if cookies from Twitter are blocked.
Here's a good example with several embeds: https://community.battlefront.com/topic/140931-how-hot-is-ukraine-gonna-get/page/2374/
Testing with the above site and a setting to block all 3rd-party cookies, I get in the Blocked cookies dialog (Allowed only shows the 1st-party):
However, allowing 3pc, I get the following under Allowed (Blocked is empty):
So, Session storage from Twitter is still saved.
But Session storage, unlike Local storage, is cleared on browser restart.After a restart,
chrome://settings/content/allis empty, as expected.I've not been able to find a way to get Twitter to save Local storage (without actually visiting Twitter), and have not been able to reproduce the issue of data from Twitter persisting after a browser restart with the above settings.
So, let's theorize that what's seen here is actually persisted Local storage. Can it be used to track users? Yes, unfortunately...
https://html.spec.whatwg.org/multipage/webstorage.html#privacy
http://johnsteinmetz.net/using-html5-local-storage-vs-cookies-for-user-tracking/
https://www.simoahava.com/analytics/use-localstorage-client-id-persistence-google-analytics/๐ปVolunteer helper ยท Forum moderator ยท Sopranos tester ๐ ๏ธTroubleshooting ๐Report a bug ๐Markdown help
๐ฆ"With a rubber duck, one's never alone" -Douglas Adams๐ฆ - With the
-
@Pathduck
the userthanks you.
@Pathduck said in cookie management in chromium browsers remains hopeless.:
With the [*.]twitter.com setting, the user cannot visit twitter.com at all
that scenario accords entirely with
the user's intentions. furthermore,the userhas stridently asserted that they have no intention nor desire of visiting twitter.com until at least the day after hell freezes over. allegedly.@Pathduck said in cookie management in chromium browsers remains hopeless.:
we can assume the user is also blocking 3rd-party cookies?
indeed we can, not least for the reason that
the userspecifically stated so, in a previous post, just up above, a wee bit.@Pathduck said in cookie management in chromium browsers remains hopeless.:
any idea of avoiding tracking is out of the window
the userwas momentarily tempted to counter-mention a superior alternative operating system, but decided at the last moment to stay rigorously on-topic. as always.@Pathduck said in cookie management in chromium browsers remains hopeless.:
If Settings > Privacy & Security > Cookies in Vivaldi does not list any cookies from Twitter, there are no cookies from Twitter
the useragreed this was a wise suggestion, & duly performed it, with this unsurprising yet extraordinarily galling result:
@Pathduck said in cookie management in chromium browsers remains hopeless.:
I've not been able to find a way to get Twitter to save Local storage (without actually visiting Twitter), and have not been able to reproduce the issue of data from Twitter persisting after a browser restart with the above settings.
the useras already advised thoroughly eschews twitter, but atm has dozens of tabs from a diverse suite of sites, open in various workspaces, for various parallel research projects in hand. deductively, one or more of said tabs must be the source of this current twitter cookie / local storage infestation.the userexpresses great joy at this revelation, if "joy" might be temporarily redefined as something more akin to "enraged nausea".@Pathduck said in cookie management in chromium browsers remains hopeless.:
let's theorize that what's seen here is actually persisted Local storage. Can it be used to track users? Yes
exactly, ergo,
the usercontinues to regard chromium ootb to be unfriendly to privacy-centric users. werethe userto be of a cynical bent, they might even conclude that this was the deliberate design intent to defeat & subjugate users to the will & corporate profit of an out of control global behemoth.
once more,
the userthanks you for having gone to all that effort to help & diagnose.Look, you've got it all wrong! You don't need to follow me. You don't need to follow anybody! You've got to think for yourselves! You're all individuals!
-
@ybjrepnfr where I can find this setting?
Sites that can never use cookiesofftopic: is there a hidden setting to permanently allow cookies for particular site?
-
@Stardust chrome://settings/cookies
Look, you've got it all wrong! You don't need to follow me. You don't need to follow anybody! You've got to think for yourselves! You're all individuals!
-
@Stardust said in cookie management in chromium browsers remains hopeless.:
is there a hidden setting to permanently allow cookies for particular site?
yes, same link.
Look, you've got it all wrong! You don't need to follow me. You don't need to follow anybody! You've got to think for yourselves! You're all individuals!
-
@ybjrepnfr when they added this?
-
@Stardust how old is chromium? i've been able to use this internal site for the entire history of vivaldi iirc, but also the chromium browser more generally.
-
@ybjrepnfr said in cookie management in chromium browsers remains hopeless.:
@Stardust said in cookie management in chromium browsers remains hopeless.:
is there a hidden setting to permanently allow cookies for particular site?
yes, same link.
would cookies be saved after you restart browser?
-
@Stardust have you read this thread? anyway, it depends. if you're willing to accept site breakage, you can disable all cookies by default, & that works very well in stopping this sneaky storage. similarly, if you add site/s to the
always allowsection, they are indeed preserved across restarts. it's dead simple to make chromium store cookies. the exasperated point of my thread though is that it's quite terrible to stop it from saving some of the buggers. -
@ybjrepnfr said in cookie management in chromium browsers remains hopeless.:
have you read this thread?
Yes, I am sorry for the offtopic!
-
@ybjrepnfr said in cookie management in chromium browsers remains hopeless.:
the user agreed this was a wise suggestion, & duly performed it, with this unsurprising yet extraordinarily galling result:
If cookies from Twitter are still being saved, even with the "never allow from" rule in place, then that might be a bug, and I suggest
the userRecreate your settings and browse until you get the same situation with Twitter cookies being stored, then write up a step-by-step guide (without too much exposition) how to reproduce it and report to the tracker, then I will try to reproduce the same.
but atm has dozens of tabs from a diverse suite of sites, open in various workspaces, for various parallel research projects in hand
You could go through them, and looking at the Allowed/Blocked cookies from Site Info to see if you can find the source.
Otherwise, I suggest you clear out any Twitter cookies from your current install, and we will call it a "quirk that just happened" and leave it at that
For me, with several tabs open with Twitter embeds:
Going through the list of stored cookies, there's not a single domain there I do not want cookies stored from.
-
@ybjrepnfr said in cookie management in chromium browsers remains hopeless.:
@LonM ta, yes, i know, & others have also suggested this when this topic arose in prior years. indeed, it might be correct, but i am so viscerally opposed to cookies by egregious companies like twitter that merely seeing any listing of them here, generates immense angst that i am not being protected. to be clear, for comparison, firefox simply never has this problem. here, in chromium/vivaldi, there is at best ambiguity, if not outright tracking risk, whereas in firefox that simply does not arise.
Why not default to blocking cookies and make exceptions for those that you need?
-
@Streptococcus yes indeed. after several years of vainly fighting chromium/vivaldi's pernicious cookie-storage propensity in abject defiance of my settings, about 15 months ago i changed my personal vivaldi policy to exactly what you wrote. that had been working pretty well, albeit with some inconvenience [eg, over time, my list of exceptions, each manually added on an as-needed basis, has grown to be:
Sites that can always use cookies= 14,Always clear cookies when windows are closed=68 ,Sites that can never use cookies= 5. to date, i have not found the file within my profile that stores all these (for convenient transfer to other computers), so long-term management of my list is basically a pita].very early in the life of that new policy i'd realised that each day inevitably there'd be various transient sites i'd encounter as one-offs, which would be broken sans-cookies, but whose transience meant it'd be silly to bother formally temporarily adding them to my exception list. i thus created another profile, which allows 1p cookies per session, stores no history, is not used for notes or bookmarks, etc; is basically a "burner" profile, which i launch & use only for those aforesaid day to day one-off sites.
however last week, trying to research a replacement mobile phone, the constant site breakage in my main profile drove me nuts, but for this kind of research whose incremental sites i wish to permanently save in a dedicated bookmarks folder for posterity, relocating it to my "burner" profile is inappropriate [for the bookmarking as stated, plus making notes, etc (which i also like to keep permanently)].
hence, with trepidation, i decided to play with fire by finally re-enabling 1pc in my main profile... & have been regretting it ever since [ergo, eg, my abject frustration leading to creating this snarky thread].
