Mozilla changes Firefox's cookie policy, improves user privacy
Many browser developers have added various features and options to their web browsers to improve the privacy of users on the Internet. All include a private browsing mode for instance now which users can make use of to prevent the saving of session related data on the computer system they are using.
Companies have also pushed forward the Do Not Track feature which tells websites that users do not want to be tracked. Do Not Track is not a mandatory feature though and it is up to each individually website and company to either comply with the request or ignore it.
Cookies, small data files saved to the local system when users connect to websites, are often used to track users on the web.A distinction is made between first party and third party cookies. First party cookies are saved by the domain a user is connecting to.
If you open the Reddit homepage for instance, any cookie send by Reddit to the local system is considered a first party cookie. Third party cookies on the other hand originate from scripts that are run on a site. A script like Google Adsense saves cookies on the system. It is allowed to do so because it is run on the site the user is connecting to.
Mozilla two days ago announced a change to how the Firefox web browser is handing cookies in the future. Firefox from version 22 on will handle cookies in the following way:
- First party cookies are still saved automatically unless the user has modified the preferences of the browser in this regard.
- Third party cookies are only saved to the system if its origin has at least one cookie set already. So, if you go to a site that has a Facebook like button implemented, Facebook may not be able to set a cookie on your system unless you have been to the main Facebook website previously.
The new policy is not as strict as disabling all third party cookies using Firefox's preferences, but stricter than how Google Chrome is currently handling cookies (allow all).
Impact on site functionality should be minimal as third party cookies are usually not required for a site's functionality. Some sites will break however as a consequence and it is not really clear how those will be handled when the patch lands in Firefox 22.
One suggestion that has been made was to accept third party cookies for a session and delete them once the session ends. This would remove the tracking aspect without interfering with site functionality.
Advertisement
It would be nice if they eventually make it where the flash cookies can be seen and be separate as well.
They will include other forms of storage in future upgrades.
I believe that this is a good idea, as long as the user keeps the option to set this to never or always (and from your screenshot it seems that it will).
I guess the default value for third-party cookies will be “always” as it will have been previously.
In 12 years on the Web, I’ve never allowed 3d part cookies, IE as well as Firefox. I recall a problem once. There is no legitimate reason for those cookies, if required I ban the site from my occupations.
As far as I understood it, Firefox 22 and newer will block third party cookies by default unless the originating server has set at least one first party cookie.
OK. Good. Once you are aware of the number of users that stick on default settings whatever application it be, opting in (with security & privacy as references) is truly fair-play.
Safari has this policy for years.
Bug was parity safari so already know but thanks for sharing with others.
Right, thanks for the tip btw.
:-)