Hacker Newsnew | comments | ask | jobs | submitlogin
jnorthrop 939 days ago | link | parent

In the Firefox preferences go to the Privacy tab and select Use Custom Setting for History in the History section. From there you will see the check box to accept 3rd party cookies. Keep in mind this will prevent webmasters from using things like Google Analytics. Which you may want anyway but I thought it was worth mentioning.


dchest 938 days ago | link

Are you sure that setting "Accept cookies" to "off" will prevent third-party sites from reading cookies as well?

-----

jnorthrop 938 days ago | link

Good question and I'm not sure. I would guess that if it doesn't accept them then it wouldn't read them either. The first step in the cookie transaction would be to check whether that cookie already exists (an attempt to read the cookie). It would seem easiest to stop that process at that point based on user preferences rather that just programming it to check at the actual write time.

This is all speculation though.

-----

dchest 938 days ago | link

But once you sign in to Facebook, you have the cookie, so browser will send it if there's no read blocking.

-----

fgaaghf 937 days ago | link

Based on the small amount of testing I did on couple versions of Firefox, disallowing third party cookies means only websites you are directly visiting can read or write any cookies.

So if you go to facebook.com and it sets some cookies and later you go to somerandomblog.com that has some images from facebook.com, Firefox will not send cookies to facebook.com, since you are not visiting it directly.

Now obviously if somerandomblog.com has javascript from facebook.com on it, then that javascript can read cookies from somerandomblog.com and do pretty much anything it wants with that page.

-----

abredow 938 days ago | link

Cookies can still be read if this is set to "off."

-----




Lists | RSS | Bookmarklet | Guidelines | FAQ | DMCA | News News | Feature Requests | Bugs | Y Combinator | Apply | Library

Search: