Cookies and the like

[jfgw]

Ironically, the only way a web site can remember that you don't want cookies, is by using a cookie

Certainly, if every time you see the thing asking if you want to accept cookies you answer “No”, you will get the same rather tiresome message every time you visit, as there will be nothing to indicate to the site that you have ever visited it before.

Each time you click on a link to a different page within the same website, that is a separate visit. If you visited 20 pages (including repeat visits to the same page) in what you might think of as one visit, you would (if every page wanted to save a cookie) get that message 20 times.

Julian F. G. W.

[UncleEbenezer]

Ironically, the only way a web site can remember that you don't want cookies, is by using a cookie

Certainly, if every time you see the thing asking if you want to accept cookies you answer “No”, you will get the same rather tiresome message every time you visit, as there will be nothing to indicate to the site that you have ever visited it before.

Each time you click on a link to a different page within the same website, that is a separate visit. If you visited 20 pages (including repeat visits to the same page) in what you might think of as one visit, you would (if every page wanted to save a cookie) get that message 20 times.

Julian F. G. W.

Well, it could instead track your preferences in a URL component.

Ironically that would tend to mean a whole lot more loss of privacy than a cookie, because (for example) if you ever shared or bookmarked such a URL it would reveal the information about you that would otherwise have been kept privately in the cookie.

[madhatter]

Well, it could instead track your preferences in a URL component.

Ironically that would tend to mean a whole lot more loss of privacy than a cookie, because (for example) if you ever shared or bookmarked such a URL it would reveal the information about you that would otherwise have been kept privately in the cookie.

Depends how it is done. Some years ago I was helping code a few websites, including one which allowed a customer to select items from an online catalogue, for delivery by van, and as the items were to be paid for on delivery, there was no need to hold sensitive customer information. There was, however, the need to remember which items from different pages were selected, and how much they would cost.

I never found the need to use proper cookies, but did have to use what are called session cookies, without which the site would not have worked. Session cookies disappear at the end of the session so they are bit different to what is under discussion. It was certainly possible to pass this information from one page of a website to another page of the same website via a bit tagged on to the end of the URL and that would have been a security risk in that if exactly the same URL was copied to another computer, it would see the same page.

The original website is now long gone, replaced with a full ecommerce site, but the ability to pass information from one page to another on the same site via a code added to the URL is still available, but can be made vastly more secure using the curiously named “nonce” (number used only once).

A few years since I needed to remember this stuff, so I may misremember. I have used this “nonce” when writing a WordPress plugin to assist the same web developer who set up the site for the van delivery. The point about the jolly old nonce is that it is a code number generated once, and it is looked for by the second page to validate the rest of the URL sent to it. Also, it has to be a very short time after the number was generated and (I think) on the same machine or would be rejected.

I’d be surprised if something like that was not used on this site, unless there is a better way still.

[Infrasonic]

It's relatively easy to block/allow almost anything you want (cookies 1st or 3rd party, scripts, flash, pop ups et al) with browsers like Chrome, either from advanced settings or using extensions (which are generally quicker with more granularity available.)

The problem is if you aren't technical you'll break a lot of websites if you get too draconian, which for certain services like banking is not such a great idea.

So for the non techies the best bet is to have two browsers, a general 'privacy first' one which will block the most egregious stuff, delete cookies on exit et al without having to fiddle with loads of advanced settings. Use that for general surfing.

Then have another one set up as a 'logged in services only' browser that will allow third party cookies, JavaScript, maybe pop ups etc. so you don't run into functionality issues. Don't use that browser for general browsing at all.
If you are more confident you can go into advanced settings and block things like third party cookies/JS/Pop ups, but with the ability to whitelist as needed, (down to the individual cookie level if you want.) Or run a CCleaner cookie whitelist as explained upthread.
It can get very time consuming doing all that though, horses for courses...

[Lanark]

Heres an example I found -
look at this carefully and try to spot the option to SAVE and continue with NECESSARY cookies not the Recommended ones:

[brightncheerful]

All very interesting, thank you.

Out local newspaper, one of the Newsquest stable - http://www.newsquest.co.uk - has its own method. When you visit, (presumably no cookies already installed) up pops accept or show options. if you click show options and deselect them all, cookies are installed regardless. On the site, a few seconds later up pops an invitation to take a survey. If you click close, no, later whatever, it says sorry and confirms having added something else to ensure you're not bothered again.

[roger4]

Perhaps using the "Private" browser is the way to go. I was using Firefox on my Mac but switched to Safari (Apple's browser). I was in the habit of clearing all cookies at the start of each day. I had used the private option whenever I was buying stuff or banking but for some reason decided to try always using "Private" option. I continued clearing cookies each morning.
Using the normal browser I would have anywhere between 80 and 100+ cookies to clear each morning and when I switched to "Private" this was initially reduced to half a dozen which included Google, Facebook and Twitter (even though I do not subscribe to any social media). This continued for a couple of weeks but now when I look at cookies held, the answer is "None".
I feel happier as a result, justifiably or not.