The following guide details how Firefox can be configured to allow cookies for specific websites that are beneficial to the user, and delete all other cookies that websites place on the computer system. Some users might even take an extra step and block all cookies but select ones in the browser.

Please note that Firefox 4 is used for the guide, the settings are however very similar in Firefox 3. Some screenshots may show the name Minefield instead of Firefox. This is the codename of Firefox 4 that was used during development.

Firefox users find all cookie settings under Firefox button > Options > Privacy. Firefox is configured to remember the browsing history by default. Users need to click on the Firefox will Remember History pulldown menu and select Use custom settings for history instead.

The important elements that appear after “use custom history” has been selected are:

• Accept cookies from sites
• Accept third party cookies
• Keep until
• Clear History when Firefox closes

• Accept cookies from sites – The setting is enabled by default. It basically enables the use of cookies in the Firefox web browser. Users who disable the option will notice that no cookies are saved from that point on.
• Accept third party cookies – Third party cookies are cookies that are set by scripts that originate from another website. A first party cookie comes on the other hand from the domain the user is on.
• Keep Until – The setting defines for how long cookies are stored by the browser.
• Clear History when Firefox closes – Configures Firefox to delete some or all history items, among them cookies.

Delete Cookies On Exit, Keep Some

Firefox needs to be configured to keep some cookies while the rest gets deleted on exit. Start with a click on the Settings button next to “Clear history when Firefox closes”. You may need to enable the option before it becomes available.

Remove the checkmark from Cookies. This configures Firefox to keep cookies on exit. Read on to find out why this is important. Close the menu with a click on OK.

Now click on the “Keep until they expire” pulldown menu and select “I close Firefox” from the options.

Cookies are now deleted on every exit. Now we need to configure cookies that we want to keep.

Option 1

A click on the Exceptions button opens a menu where cookie exceptions can be configured. Just enter the domain name of the website that you do not want cookies to be deleted for and the allow button afterwards to add it to the listing.

Cookies from domains in that list will not be deleted when Firefox exits. Cookies from domains not in the list will be deleted. Please note that this may result in you being automatically logged out of services on the Internet which you will notice when you open the service’s website again.

You may also want to keep some third party cookies, for instance advertisement opt-out cookies. It may be a good idea to take a look at the Show cookies menu once you have finished the initial whitelisting of cookies to see if you missed any. Show cookies displays all cookies that are currently active in the browser.

The menu unfortunately has no option to allow specific cookies, which usually means lots of window switching before the cookie configuration has been completed.

Option 2

Some users do not like to add web addresses to the cookie whitelist manually. Those users can use the following way instead. They need to be on the website that they want to whitelist.

A right-click on the page and the selection of View Page Info opens a window that displays information about the active website.

The Permissions tab offers to customize permissions for that specific domain. To allow cookies for the domain uncheck the Use Default option under Set Cookies and switch from Allow for Session to Allow.

Blocking Cookies

Firefox will accept all cookies, most for the session, and the whitelisted ones until they expire. Some users may want to configure the browser to use even stricter rules. They have two options to achieve this.

Removing the checkmark from the “Accept third-party cookies” setting blocks all third party cookies in Firefox. That’s the easiest way of blocking the majority of cookies in the web browser.

The second option comes in the form of the Exceptions menu. The configuration menu can not only be used to allow cookies, but also block cookies from domains that are entered.

Firefox add-ons

One of the greatest strengths of the Firefox web browser is its add-on engine. The following lists add-ons that add new options and functionality to the browser’s cookies management.

Ghostery – Displays tracking cookies with options to block them in the browser.

Add & Edit Cookies+ – Adds functionality to analyse the contents of cookies.

Cookie Monster – Adds temporary cookies to Firefox, better cookie management and other interesting options.

Verdict

Firefox can be configured to keep cookies from select websites and delete all other cookies on exit. The initial configuration takes some time and that is probably what keeps most users from configuring Firefox this way.

Add N Edit Cookies is a Firefox extension that integrates cookie manipulation in the web browser. A link to the cookie editor is added at the end of the tools menu. It will load in a separate window that acts independently meaning that it is possible to use Firefox with the Cookie Editor window being open.

The main window provides access to a filter that can be used to locate specific cookies. By default all cookies are shown in the list sorted by their site and cookie name. A click on a cookie will display extensive information including the cookie’s content, the path, host and expiration date.

A double-click on a cookie will load the editor with possibilities to edit the parameters of that cookie. It is possible to change the name, content, domain, path, connection and expiration date.

Another option would be to use the Cookie Editor to delete cookies. That’s simply a matter of selecting the cookies that should be deleted and pressing the Delete button.

The last option is the Add button which makes it possible to add a new cookie to the browser.

The blacklist would contain websites that should not be allowed to place cookies on the user’s system. A die hard approach would be to start every new site in the blacklist and move it to either the temporarily allowed sites or the whitelist when needed.

The temporary list would contain sites that would require cookies to work properly but that are not trusted enough – or where it is not necessary – to be placed in the whitelist.

Firefox:

If you look at the cookie management features in a blank version of Firefox – that is one without extensions – you notice that it already comes with a few features that are required. The basic settings are to accept cookies / third partie cookies and keep them until they either expire (that would be set by the webmaster of the website), you close Firefox or to ask the user how he would like to handle the cookies.

There is also an option to add exceptions. Exceptions handle cookies from websites that are entered by the user this way. Cookies of those websites can either be allowed, blocked or temporarily allowed which would exactly be what we have been looking for.

Now while this might be everything needed it is highly uncomfortable to work with. Permit Cookies is a Firefox add-on that makes the whole process easier.

Opera:

Cookie management in Opera does not come with an option to whitelist or blacklist websites. Users can accept cookies / third party cookies and also make the browser to disallow all cookies. There is an option to delete new cookies when exiting Opera and an option to ask the user whenever a new cookie is encountered.

The ability to manage cookies is different to that of Firefox. Opera users can manipulate cookie contents and delete already existing cookies. There is however no way to add exceptions.

Opera’s Site Preferences make it possible to configure cookies per website visited.

This makes it possible to accept or block cookies for specific websites.

Google Chrome:

Google Chrome’s cookie management consists of one pulldown menu with three options. Users can either allow all cookies, restrict third party cookies or block all cookies. It is possible to take a look a the cookies with the option to search and remove selected ones or all of them.

Internet Explorer 7

Internet Explorer 7 comes with sufficient cookie management. Users can use a slider to pick on of six available cookie management options. This ranges from accepting all cookies to blocking them all. In between are restrictions for some first and third party cookies.

Internet Explorer 7 makes use of a whitelist and blacklist to permanently allow or block cookies of specified websites. It’s also the only browser with options to override automatic cookie handling to configure first-party and third-party cookies in detail. At least in the main menu that is.

Conclusion:

Firefox and Internet Explorer provide the most options for their users to handle cookies. Everything that is not directly available in Firefox can be added with some extensions. Opera is the only browser that allows cookie manipulation but fails to provide a blacklist and whitelist. Google Chrome on the other hand offers a miserable cookie management.

Opera is the web browser with the most extensive options for managing cookies. It is the only browser that makes it possible to manipulate cookies. Firefox users can add this option by installing add-ons for the browser. Both Firefox and Internet Explorer come with enough options to manage cookies including the possibility to whitelist or blacklist sites.

Google Chrome on the other hand is the only browser that has an inferior cookie management with no options to add websites to a whitelist or blacklist.

The big question is how you can make sure that cookies are excepted for identification purposes and not accepted when you do not login into a website. The answer is a cookie manager that works on a per site basis. I need cookies for my blogs for instance and sites like eBay or Amazon but do not need them on sites where I do not login, say Google Search or other blogs that I do not administrate but only visit as a reader.

CS Lite is definitely one of the best Firefox Cookie Managers. The most effective way to manage cookies on your system is in my opinion to block them globally and enable them on a per-site basis. Blocking them globally ensures that no cookies will be set unless you explicitly allow them to be set. A good rule of thumb is to visit a website and if you do not recognize any problems you can keep the cookies blocked.

The first thing that I did after installation of CS Lite was to enable the global blocking of cookies in the options. The extension adds a icon to the Firefox statusbar that can be used to allow cookies for a specific site you are currently on. I did use this option to enable cookies for the sites that I visited throughout the day and that needed cookies to function properly.

I would like to point out two interesting features of the extension. The first is a blocklist that can be downloaded from the Internet. This blocklist contains more than 200 companies that set cookies to track users. This blocklist is accessible in a table that also contains the allowed domains. Downloading the blocklist makes only sense if you do not disallow cookies globally.

If you run a website and use some of those advertisement companies you should make sure to enable cookies for those services.

Update: The author has pulled the add-on from the Mozilla add-on repository. Check out how to selectively block cookies here.