1. PM custom cookie settings in Preferences > Privacy:
. Allow sites to store cookies and data CHECKED
. Accept third-party cookies NEVER
. Allow cookies to remain UNTIL I CLOSE PALE MOON
Thus, ALLOW ONLY 1ST-PARTY COOKIES AND DISCARD AT END-OF-SESSION is my (intended) PM default setting, before extensions.
I then use SD Cookies to modify the retention period of cookies, the default, of course, being to destroy each site's cookies after closing its tabs rather than waiting for end-of-session. Sometimes, to get a site to work, I use SD Cookies change the cookie retention period to SESSION (delete at end-of-session) or to ALLOW (never delete). When SD Cookies is installed and Cookie Controller is not installed, this all works as intended.
When needed to interact satisfactorily with a site, I use Cookie Controller to ALLOW 3RD-PARTY COOKIES or, when necessary, to DENY COOKIES altogether. However, this is not done explicitly: to allow 3rd-party cookies for a specified site, one must invoke either SESSION or ALLOW (permanent cookies).;
(As with SD Cookies, I sometimes use Cookie Controller to change the cookie retention period to SESSION (delete at end-of-session) or to ALLOW (never delete). This is not the source of the problem I am experiencing.)
From my perspective, it seems that first two abovementioned actions — allowing 3rd-party cookies and denying cookies — ought to be possible explicitly and independently, without affecting SD Cookies. In fact, when Cookie Controller is installed and SD Cookies is not installed, this all works as intended.
Before continuing, I wish to communicate crystally clearly why I use both of these extensions together:
- SD Cookies automatically destroys cookies sooner than any PM policy to which I have access.
Cookie Controller makes it possible for a user to enable 3rd-party cookies or to deny all cookies to specific sites, albeit implicitly.
Following are notes about what happens with both extensions installed together, in the hope that these might prove useful.
When both extensions are installed together, here is what DOES work:
1. When I use Cookie Controller to change the site cookie setting to ALLOW and reload the page, SD Cookies matches by changing its setting to ALLOW.
2. When I use Cookie Controller to change the site cookie setting to ALLOW 1st-PARTY ONLY, SD Cookies matches by changing its setting to ALLOW.
3. When I use Cookie Controller to change the site cookie setting back to SESSION and reload the page, SD Cookies matches by changing its setting to SESSION.
4. When I use Cookie Controller to change the site cookie setting to DENY, SD Cookies responds by changing its setting to destroy site cookies AFTER YOU CLOSE ITS TABS, which works because no cookies for the specified site are ever permitted.
5. When I use SD Cookies to change the site cookie setting to ALLOW, Cookie Controller complies (without requiring a page reload).
6. When I use SD Cookies to change the site cookie setting back to SESSION, Cookie Controller again complies, again without reloading the page.
When both extensions are installed together, here is what DOES NOT work:
7. When I use SD Cookies to change the site cookie setting to destroy site cookies AFTER YOU CLOSE ITS TABS, Cookie Controller responds by changing its setting to the PM default cookie setting, 1st-PARTY COOKIES ALLOWED, destroyed on END-OF-SESSION. Thus, changing the SD Cookies setting causes 3rd-party cookies to be blocked, as specified in the PM custom cookie settings; the implicit override is eliminated.
8. When I use SD Cookies to change the cookie site setting to ALLOW, Cookie Control responds by changing its setting toward the PM default cookie setting, 1st-PARTY COOKIES ALLOWED BUT NOT destroyed on END-OF-SESSION. Once again, 3rd-party cookies are blocked.
Well, hopefully I’ve communicated enough to convey a clear picture: enabling the user to toggle between 1st- and 3rd-party cookies for any specified site, independent of cookie-destruction timing settings, would enhance users’ ability to regulate their own exposure to cookie-based privacy intrusions. I believe that offering this complete set of capabilities in a single extension would ensure inter-feature compatibility better than having distinct extensions. Of course, this would also enable any users who employ the Cookie Controller extension, which remains a Firefox / non-PM extension, to terminate their use of it. But that's a secondary benefit; the primary benefit is increased user control over 1st/3rd-party cookies concurrent with increased user control over cookie destruction/retention.
Who knows, perhaps the resulting extension might be named "Cookie Power!".
Thanks to everyone who has read this rather long post.
Best to all!