< Depressed Dog On Spaceship
Next >

[Comments] (3) Cookie Do-Over: I don't know if this is something that should be added to the web browser or done as an extension, or if there's some way to do it already, but it would help me out a lot. I have Firefox configured to, every time it's sent a cookie from a new domain, ask me what to do with the cookie. Most of the time it's deny, deny, deny. But sometimes it turns out the right answer was "allow for session", and now I can't use the site.

To fix this, I have to go into the cookie 'Exceptions' and figure out which decision to undo. Usually it's the decision for 'domain.com', the site I'm trying to use, so the process is annoying but not terribly difficult. Sometimes I need to check for both 'domain.com' and 'www.domain.com'. That's not a big deal either.

But sometimes the magic cookie domain turns out to be "r.a.ndom.subdomain.domain.com", a subdomain I've never heard of that's just used for authentication. r.a.ndom.subdomain.domain.com doesn't show up in the 'Exceptions' list near domain.com, and so I don't know it exists. It was shown to me once but I was hitting deny, deny, deny and didn't see it. The only way to see it again is to run Live HTTP Headers, reload the page, and see which of the 50 HTTP responses try to set a cookie.

What I'd really like to do is call a do-over. Reload the page and have Firefox ask me all the cookie questions again. If I miscalculate which cookies are actually necessary to use the site, I just call another do-over.

This was much easier to explain once I realized that the right word was "do-over". Thanks, schoolyard fecklessness.


Posted by Evan at Thu Dec 04 2008 11:05

schoolyard vocab recollection:

"no chain breaks" -- response when someone asks for a do-over
(ie play on "no changebacks")

Posted by Nathaniel at Fri Dec 05 2008 04:19

Presumably it would also be nice to just have it deny all cookies by default, and only *ever* show that UI when you request a (now misnamed) do-over.

Posted by Leonard at Fri Dec 05 2008 07:29

Yes, that's another use case.

[Main] [Edit]

Unless otherwise noted, all content licensed by Leonard Richardson
under a Creative Commons License.