arkenfox / user.js

Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening
MIT License

4.1 Extensions suggestions [CookieBro + Chameleon + PrivacyBadger] #776

Closed rugabunda closed 5 years ago

rugabunda commented 5 years ago

https://github.com/ghacksuserjs/ghacks-user.js/wiki/4.1-Extensions

Cookiebro is by far the best cookie cleaning addon to date; https://addons.mozilla.org/en-US/firefox/addon/cookiebro/

  1. The cookie log gives a real-time log of cookies as they appear... this and the interface allow a user to blacklist individual cookies on individual sites, or globally with wildcards, whereas Cookie AutoDelete only allows deleting all cookies on a given site. It has its own cookie editor as well.

  2. It effectively deletes cookies left behind by Cookie AutoDelete, which can leave hundreds of cookies in place even after clicking to clean or using the whitelist approach. Using both Cookie AutoDelete and "self destroying cookies", they left behind cookies from ad and marketing sites, some of them dating back 4 months or more, even after explicitly using the "clear" function. Cookiebro deletes them all. It's also 32% smaller than cookiebro.

  3. Privacy warning: fetches favicons from Google for the cookie log viewer to better discern the websites listed. These connections are visible in the browser console, or in about:cache?storage=disk&context= . Disable this setting to increase privacy. Google can also drop the Google NID cookie, which is both a settings & targeted tracking cookie, when pulling favicons from google.com, though this cookie was not always dropped in other Firefox browsers in testing this extension.


  1. Use a whitelist approach: whitelist only those sites you log in to, and set it to delete unwanted cookies on a timed interval so as not to break sites, and to ensure no tracking cookies, zero-day or otherwise, sneak by all other protections long enough to track you. It has an extremely intuitive interface for just whitelisting and blacklisting.

  2. Best set with Mozilla's built-in third-party tracking blocking, to prevent site breakage. Blocking third-party cookies in total can break sites.

Enable:

- Auto-delete unwanted cookies at browser startup
- Auto-delete indexedDB and localStorage of websites at browser startup
- Auto-delete pluginData (e.g. Flash Cookies) of normal websites at browser startup
- Enable blacklist filtering
- Delete ETag HTTP Response header from blacklisted sites with no matching whitelist setting
- Delete Link HTTP Response header from blacklisted sites with no matching whitelist setting
- Delete unwanted cookies every 30 min

Blacklist example:

- `*.*/*GeoIP*` [globally block any cookie that contains the name GeoIP]
- `github.com/has_recent_activity` [on github block recent_activity cookie]
- `*.*/__cfduid` [block cloudflare tracking globally]

Chameleon: I agree with your statement. While it is great for experimenting, it's wise to use a minimalist approach... It can enhance security greatly by enabling two options only, that is

  1. the most basic static user agent switch, ex. to Safari on Mac (malicious sites and state actors will drop malware and use targeted exploits for Mac/Safari on my Windows machine, or vice versa. This is a huge security improvement on its own). I found only skype.com [for login] & presstv.com [for video player] needed whitelisting for this setting after a year of browsing, and

  2. "script injection", which is very important, and necessary for spoofing not to be detected by JavaScript. I was using "User-Agent Switcher and Manager" previously; the spoofing was detected on https://whoer.net/ . Spoofing succeeded in the header, but failed in JavaScript. Using Chameleon with script injection fixes this leak.

Privacy Badger

Contrary to what is stated on your wiki page, PrivacyBadger does do things uBlock Origin won't do. For example, because it learns as it goes without whitelists or blacklists, it will detect unknown trackers that have yet to be flagged by the uBlock community... and it deals with referrers, third party tracking cookies and supercookies in local storage, first to third party cookie sharing via image pixels, canvas fingerprinting, and automatically prevents social media widgets, domains and cookies from tracking a user across the web in a very convenient way that does not hide the element... which makes whitelisting much simpler than uBlock. This means it is redundant to use social media blocklists in uBlock Origin while using Privacy Badger.

PrivacyBadger uses algorithmic learning and not a blacklist, so anything that uBlock has already blocked will appear in the green in Privacy Badger, even if it is a tracking company. It blocks a LOT of cookies and tracking websites with uBlock Origin already installed with all blocklists enabled. Your list of automatically detected, blocked and restricted domains in PrivacyBadger will become quite large. In my case, 1846, 1152, 972 respectively from most used to least used browsers. PrivacyBadger on top of UBO has great benefits, with no negative impact on site functionality.
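The header-versus-JavaScript leak described in the Chameleon paragraph above can be checked with a small self-test. This is an added example, not code from the thread or from any of the extensions; the function names and both sample navigator profiles are constructed for illustration and do not reproduce what any extension actually sets.

```javascript
// Coarse OS family from a UA-like string. Order matters: iOS UAs contain
// "like Mac OS X" and Android UAs contain "Linux".
function osFamily(s) {
  if (!s) return null;
  if (/Windows|Win32|Win64/i.test(s)) return "windows";
  if (/iPhone|iPad/i.test(s)) return "ios";
  if (/Macintosh|Mac OS X|MacIntel/i.test(s)) return "mac";
  if (/Android/i.test(s)) return "android";
  if (/Linux|X11/i.test(s)) return "linux";
  return null;
}

// Browser family claimed by a User-Agent string (Chrome UAs also say "Safari/").
function browserFamily(ua) {
  if (/Firefox\//.test(ua)) return "firefox";
  if (/Edg\//.test(ua)) return "edge";
  if (/Chrome\//.test(ua)) return "chrome";
  if (/Safari\//.test(ua)) return "safari";
  return null;
}

// navigator.vendor values the real browsers report.
const EXPECTED_VENDOR = { firefox: "", chrome: "Google Inc.", edge: "Google Inc.", safari: "Apple Computer, Inc." };

// Names of navigator properties that contradict the User-Agent sent in the header.
function findUaLeaks(headerUA, nav) {
  const leaks = [];
  const claimedOs = osFamily(headerUA);
  const claimedBrowser = browserFamily(headerUA);
  if (nav.userAgent !== headerUA) leaks.push("userAgent");
  for (const prop of ["platform", "oscpu", "appVersion"]) {
    const seen = osFamily(nav[prop]);
    if (seen && claimedOs && seen !== claimedOs) leaks.push(prop);
  }
  if (claimedBrowser && nav.vendor !== undefined &&
      nav.vendor !== EXPECTED_VENDOR[claimedBrowser]) leaks.push("vendor");
  return leaks;
}

// Constructed samples: a Safari/Mac header sent by Firefox on Windows.
const SAFARI_UA = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Safari/605.1.15";
const headerOnlySpoof = { // header rewritten, JavaScript environment untouched
  userAgent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0",
  platform: "Win32", oscpu: "Windows NT 10.0; Win64; x64", appVersion: "5.0 (Windows)", vendor: "" };
const scriptInjectedSpoof = { // navigator properties overridden to match the header
  userAgent: SAFARI_UA, platform: "MacIntel", oscpu: undefined,
  appVersion: SAFARI_UA.replace("Mozilla/", ""), vendor: "Apple Computer, Inc." };
```

In a browser, pass the live `navigator` object together with the User-Agent value echoed back by a header-inspection page to see which properties still give the spoof away.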

seanob86 commented 5 years ago

I use Firefox's internal settings to block all cookies and then site exceptions to either allow cookies permanently or for session only.

@Thorin-Oakenpants I too have had this setup by blocking all cookies and configuring site exceptions (v.68). However, I just updated to v.69 and now the site exceptions are not being adhered to. For example, site exceptions to allow cookies or session-only cookies are still blocked.

I tried a vanilla profile without the user.js and manually set up the prefs (block all cookies and set up a test site exception) and that seemed to work fine as per v.68. Restored user.js on new profile and again site exceptions are being ignored and cookies still being blocked.

In my overrides I have the following to block all cookies:

    user_pref("network.cookie.cookieBehavior", 2);

Is it just me or is this an issue with v.69 and the user.js?

seanob86 commented 5 years ago

Ahhk. Just found the Bugzilla to confirm that 69 has broken this with FPI enabled.

https://bugzilla.mozilla.org/show_bug.cgi?id=1556212

seanob86 commented 5 years ago

For now I've reverted back to blocking all third party cookies. Will be keen to hear your experiences once you upgrade. Ok new issue it is!

rugabunda commented 4 years ago

Here is an idea @Thorin-Oakenpants, @nodeticswww @atomGit @crssi @kah0922 @curiosity-seeker: always open a site not in the list in a private window; this could be integrated into any cookie whitelist app, on its own or directly in ff... https://addons.mozilla.org/en-US/firefox/addon/always-open-privately/?src=search

rugabunda commented 4 years ago

@Thorin-Oakenpants @atomGit @seanob86 @gwarser @kah0922 @curiosity-seeker @kah0922

@nodeticswww Site Bleacher has been updated, now supports containers... you can test with a github container here: https://arkenfox.github.io/TZP/sanitizing.html https://github.com/wooque/site-bleacher/issues/9

Remove automatically cookies, local storages, IndexedDBs, service workers, cache storages, filesystems and webSQLs

gwarser commented 4 years ago

Cleaning seems to work fine, but no way to whitelist by container.