I see plenty of extensions for viewing / editing cookies, or blocking or whitelisting by site, but I'd like to block cookies based on names. Does such an extension exist?
Scenario: various advertising tools and session management modules are available to install on individual sites. These use the same cookie names on each site, but have different sites associated with each cookie. Examples: Open AdStream (OAS), Urchin Tracking Module (__utm).
Ideas?
an extension to block cookies based on name?
-
- Posts: 21
- Joined: June 11th, 2003, 3:55 pm
- jscher2000
- Posts: 11762
- Joined: December 19th, 2004, 12:26 am
- Location: Silicon Valley, CA USA
- Contact:
If you block JavaScript from selected cookie-generating domains, they will not deliver any bits to your computer, let alone seek to place any cookies. You could try NoScript or manually add them to a list of JavaScript-denied domains in your user.js file. More info on the latter: http://www.mozilla.org/projects/securit ... jspolicies
-
- Posts: 21
- Joined: June 11th, 2003, 3:55 pm
That would be far too cumbersome to do. Some sites that use these have scripts or cookies I do want. And the number of sites that set __utm cookies is staggering. Sometimes these are set with javascript, but I'm not convinced that's all of them. There is also a __utm.gif I see (and can block by other means), so these maybe be set on certain GET responses. Currently I am pursuing a privoxy solution to this, because that looks about a hundred times easier than writing my own extension.
-
- Posts: 49
- Joined: September 22nd, 2013, 12:39 pm
Re: an extension to block cookies based on name?
I know, a 10 year old thread. But this is something that should be standard, IMHO.
I can't believe I have only just realised how essential dropping cookies by a few rules is. eg "__utm*" serves no purpose to the user and can be safely ignored by any site that tries to set it. Having just had a play with FF's cookie manager on a commercial price comparison service's website, I can say that mooching cookies can be deleted without any functional problems. Delete a session ID cookie and the site logs you out - as expected. But delete useless malware-like cookies and the web app just keeps serving the user.
If some site has made actual functionality reliant on the malware then the whole thing is best avoided anyway, IMHO there cannot be a false-positive with this. I take the same approach with adblock filters, and strip any whitelisting they come with: the bug is with the site, not the desire to preserve privacy.
I can't believe I have only just realised how essential dropping cookies by a few rules is. eg "__utm*" serves no purpose to the user and can be safely ignored by any site that tries to set it. Having just had a play with FF's cookie manager on a commercial price comparison service's website, I can say that mooching cookies can be deleted without any functional problems. Delete a session ID cookie and the site logs you out - as expected. But delete useless malware-like cookies and the web app just keeps serving the user.
If some site has made actual functionality reliant on the malware then the whole thing is best avoided anyway, IMHO there cannot be a false-positive with this. I take the same approach with adblock filters, and strip any whitelisting they come with: the bug is with the site, not the desire to preserve privacy.
- DanRaisch
- Moderator
- Posts: 127234
- Joined: September 23rd, 2004, 8:57 pm
- Location: Somewhere on the right coast
Re: an extension to block cookies based on name?
Yes, the thread is ten years old and there has been no activity for that same 10 years. Let's let the dead thread rest in peace.
Locking due to the age of the original post.
Locking due to the age of the original post.