Network.cookie.cookieBehavior
Contents
Background
This preference controls how the browser allows cookies.
Possible values and their effects
0
All cookies are allowed. (Default)
1
Only cookies from the originating server are allowed.
2
No cookies are allowed.
3
Third-party cookies are allowed only if that site has stored cookies already from a previous visit (Firefox 22.0 and SeaMonkey 2.19 and later) (obsolete) Cookies are allowed based on the cookie P3P policy
UI
Firefox 3.0 and above
Tools -> Options -> Privacy / Cookies
- "Accept cookies from sites"
- Accept third-party cookies
Note: Unchecking "Accept third-party cookies" will allow cookies from the originating server only.
Firefox 2.0
Tools -> Options -> Privacy / Cookies
- "Accept cookies from sites"
Note: The option to only allow cookies from the originating server was removed from the UI in Firefox 2.
Firefox 1.5
Tools -> Options -> Privacy -> Cookies
- "Allow sites to accept cookies"
- "for the originating site only"
SeaMonkey
Edit -> Preferences -> Privacy & Security -> Cookies / Cookie Acceptance Policy
- Block cookies
- Allow cookies for the originating web site only (no third-party cookies)
- Allow third-party cookies for previously visited websites only (SM 2.19 and later)
- Allow all cookies
Mozilla Suite
Edit -> Preferences -> Privacy & Security -> Cookies / Cookie Acceptance Policy
- Allow all cookies
- Allow cookies for the originating web site only
- Block cookies
- Allow cookies based on privacy settings
Caveats
- Disabling cookies will break many sites that require you to log in.
First checked in
Has an effect in
- Netscape (all versions since 7.2)
- Mozilla Suite (all versions since 1.5)
- Phoenix (all versions)
- Mozilla Firebird (all versions)
- Mozilla Firefox (all versions)
- SeaMonkey (all versions)
Related bugs
- Bug 200632 - cookie rewrite, phase 3
- Bug 324397 – Third-party cookies should be blocked by default (flip the hidden pref)
- Bug 349680 – "Allow sites to set cookies for the original site only" missing from cookie preferences
- Bug 417800 – Revert to not blocking third-party cookies (was: 3rd party cookies should be *sent* even when blocked from being *set*)
- Bug 419596 – add third party cookie blocking option to cookie pref UI
- Bug 818340 - Block cookies from sites I haven't visited
- Bug 845353 - New 3rd-party cookie restriction to visited websites is default but not an option in Cookies pref pane