I’m migrating from Brave. I have a whitelist of (sub)domains that I allow to save cookies, a blacklist that’s never allowed, and the rest get deleted when I close my browser.
I ported this list to LibreWolf but I cannot find an option to view exactly which domains are setting cookies. For example, on YouTube, accounts.youtube.com is enabled to keep me logged in. But when I click the settings icon on the search bar, it only gives me the option to delete cookies for youtube.com and doesn’t list which domains are setting cookies. This is fine for youtube because I already know but not alright for new websites that I might use.
The rules doesn’t accept regex either. So if I want to block accounts.google.com, I cannot block *.google.com. I have to block the domain and all the subdomains individually. Which is even harder because of the first issue.
Settings > Privacy & Security > Cookies and Site Data > Manage Exceptions…
Add a site and click “Allow”, and that site’s cookies will be allowed to be set and will not be deleted automatically.
This answers the title, I’ll give you that.
Firefox’s cookie management is absolutely terrible and anachronistic, forget about automated granular control. It also has serious bugs like this one, it’s better to use containers for any site where you want a whitelist.
There are some addons to help you manage it, but I think they are all flawed or broken.
With cookie auto delete
Yeah, https://github.com/Cookie-AutoDelete/Cookie-AutoDelete and works with Firefox containers.
I don’t think Firefox has this feature. Probably because it requires constant care and maintenance not to end up breaking websites.
Personally, I use temporary containers. Basically, every new tab has a new cookie store (that gets auto-deleted after the last tab closes), unless I open a site in a specific container (built into the browser, but this addon by Mozilla actually makes it usable) that allows for long term logins. This way, third party cookies are essentially isolated and irrelevant, because even two tabs right next to each other, rendering the same domain, will have different cookies.
This also made it essential for me to get Consent-o-Matic, because every “please let us sell your data” popup will show every time you load a website.
You could use the uMatrix extension to control not only cookies, but everything else (like scripts, css, images) by subdomain. Inb4 someone says it’s outdated. It works perfectly fine.
man this is so nice. just youtube account and video player are allowed, nothing else. thanks for this
You can see which cookies are set in the dev tools under Storage.
