Firefox rolls out Total Cookie Protection by default to all desktop users worldwide | It is Firefox’s strongest privacy protection to date, confining cookies to the site where they were created

Cosmicomical , 10 hours ago

Does this stop me from adding to my website an iframe to facebook where facebook can keep its cookies for my user? That would be great but I doubt it.

monogram , 10 hours ago

IIRC an iframe contents is treated as a separate window, so cookies aren’t shared either

Feyd , 10 hours ago

developer.mozilla.org/en-US/docs/…/postMessage

monogram , 3 hours ago

That’s horrific WHY?

do not add any event listeners for message events. This is a completely foolproof way to avoid security problems. 🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡

Cosmicomical , 1 hour ago

Sure, but the separate window can be on a different domain. Now you have a way to share cookies across multiple websites on different domains if all of them include an iframe to this external domain. And you can use in-browser messages (see window.postMessage()) to communicate between iframes and main window.

Psythik , 8 hours ago

I haven’t worked with HTML since 1999; I hate that I’m just now finding out that iframes are somehow still a thing in the modern world. What the actual fuck. Why? Don’t we have some fancy HTML5 or Ajax or something that can replace them?

gamermanh , 8 hours ago

HTML5 can store HTML files inside of HTML files, allowing you to do what an iframe does but with a static (or updated when the page refreshes or whatever) html page

AJAX also has something that can replace iframes

But iframes continue to exist likely for legacy and how easy it is to get a basic page running using them for home projects

Cosmicomical , 1 hour ago

Yeah i don’t know why, probably exactly because is such a neglected feature that it offers workarounds for some limitations, like in the case of cookie-related patterns.

ssm , 7 hours ago

Very good! Please remove anonym/PPA, DoH to cloudflare, Google search, telemetry, and pocket next, and I’ll make a consideration to stop calling your browser malware!

TrickDacy , 7 hours ago

Shocker, FF troll hates on FF even when it does good things

ssm , 5 hours ago

1 step forwards 3 steps back is still 1 step forward 3 steps back

terminhell , 10 hours ago

Well, now how am I supposed to cross reference my need of fuzzy slippers and woodworking stuff?!

ChaoticEntropy , 34 minutes ago

Is this different from blocking 3rd party cookies?

LodeMike , 11 hours ago

Let me guess, itll still let websites see a list connected microphones and cameras with zero user interaction?

Blackmist , 9 hours ago

Trying

<span style="color:#323232;">navigator.mediaDevices.enumerateDevices()
</span><span style="color:#323232;">.then(function(devices) {
</span><span style="color:#323232;">  devices.forEach(function(device) {
</span><span style="color:#323232;">    console.log(device.kind + ": " + device.label +
</span><span style="color:#323232;">            " id = " + device.deviceId);
</span><span style="color:#323232;">  });
</span><span style="color:#323232;">})
</span>

it appears to have no label and the ids are randomly generated per site.

LodeMike , 6 hours ago

So it still ahows the number of devices then?