Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 23, 2013
An "enum" for Python 3
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
Mozilla, Google and privacy
Posted Aug 15, 2009 20:01 UTC (Sat) by Tobu (subscriber, #24111)
Yeah, but it is ineffective.
I have this option in Chromium and Firefox. All it does is check that the cookie setter (RFC 2965, the dom, maybe equivalents in html5 dom storage
) requests a domain compatible with the current domain.
Content included from another domain works around it, and here both Firefox and Chromium have a myriad of cookies from adservers (these aren't leftovers, they get removed at the end of a session through another firefox setting).
The problem is that the effective way to prevent this (namespace cookies with the referer domain in addition to the cookie domain) hasn't been implemented, and these settings are just a distraction. I haven't tried Safari, but at least for the browsers I use, exposing them as "block third party/tracker/adserver cookies" is misleading. Maybe there is a reason fixing this is not that simple, but I suspect the reason is a big conflict of interest.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds