Site can read cookies even though they are blocked about umatrix HOT 8 CLOSED

@guakamole Writing cookies is allowed by uMatrix. Read the doc.

from umatrix.

+1

I'll add that sites can write cookies even though they are blocked in the matrix. Note that it seems to be related to first party cookies only (third party are blocked by firefox anyway so I can't tell).

Firefox 61.0a1 and uMatrix 1.3.4.

from umatrix.

uMatrix is working properly. Cookies are not leaving your browser at all.
The value of the Drop Down menu is not set by the DDG server, it's set by a local script
that reads the cookie and changes the value of the Drop Down menu after the page is loaded.

from umatrix.

I've tried finding more ways to block cookies

Cookie-AutoDelete works great for me with uMatrix and uBlock Origin:
https://github.com/Cookie-AutoDelete/Cookie-AutoDelete

from umatrix.

Thank you for your answers.

I didn't know that cookies are actually allowed to be written. This is quite counter-intuitive. When I block something in the matrix, I would expect for it to be... blocked. And if people want to inspect what is going on (as stated in the doc), free for them to temporarily unblock the domain in the matrix.

There is still a problem somewhere anyway, even with the "Delete blocked cookies" option checked, cookies never get deleted. Here are my settings:

By the way, what is up with the 15min limit ? Why can't I set it to 5 or 10min ?

from umatrix.

They are currently issues with cookie deletion in some cases, see #878. The minimum interval is set by the browser AFAIK.

from umatrix.

That requirement is most of the times a workaround to bypass adblockers or grab as much data as possible from the visitor's browsers. That's why we should block scripts when not needed.

from umatrix.

The idea is if someone is unhappy with the 0-120 seconds gap before cookies are deleted by uMatrix, whitelist cookies in uMatrix and use a specialized extension which does what you want if you can find one.

from umatrix.