Firefox rolls out Total Cookie Protection by default to more users (2022)

It says <i>Updated Aug. 28, 2024</i> - what is the update?<p>That they&#x27;re expanding the deprecation of third-party cookies that they blogged about in December?<p><i>Edit</i>: yes, looks like that last paragraph is the addition

Honestly, I barely understand how Firefox&#x27;s cookie protection works anymore. It used to have the simple option to block third party cookies that I had running all day and felt good with. That was until they started becoming necessary in certain scenarios (I can&#x27;t even remember the details of what that was).<p>And then these days I have no idea if I can just accept a website&#x27;s advertising cookies and expect Firefox to block them anyways, or if clicking on such a button would disable the browser&#x27;s tracking protection.

This is so cool. Makes me wonder why it hadn&#x27;t been done already. Side note: Could have used something else other than the TCP abbreviation probably, but who cares

This is from 2022.<p>I learned recently from a Mozilla engineer that Firefox never made samesite=lax the default for cookies set without the samesite= attribute - they went with this Total Cookie Protection strategy instead: <a href="https:&#x2F;&#x2F;lobste.rs&#x2F;s&#x2F;98rp8f&#x2F;cors_is_stupid#c_9dtjao" rel="nofollow">https:&#x2F;&#x2F;lobste.rs&#x2F;s&#x2F;98rp8f&#x2F;cors_is_stupid#c_9dtjao</a><p>Here’s my exploration of samesite from a few years ago: <a href="https:&#x2F;&#x2F;simonwillison.net&#x2F;2021&#x2F;Aug&#x2F;3&#x2F;samesite&#x2F;" rel="nofollow">https:&#x2F;&#x2F;simonwillison.net&#x2F;2021&#x2F;Aug&#x2F;3&#x2F;samesite&#x2F;</a><p>As before, my frustration with this kind of browser feature is the lack of detailed technical documentation.<p>As a web developer, what does Total Cookie Protection mean for how I build web applications at the nuts and bolts level?<p>Show me some set-cookie examples that previously would have behaved differently and explain those differences.

For clarity, I think this was posted because it was just updated. I think just the following was added:<p>&gt; And starting in 2024, all our users can look forward to Firefox blocking even more third party cookies. That’s right; we are taking big swings to adopt new cookie partitioning and clearing mechanisms so that users can browse with fewer cookies that won’t stick around as long and will result in an even better browsing experience. Just another step on our road towards creating a better internet where your privacy is not optional.

This is great. I’ve been using multi-account containers for years and have loved the isolation. But I wonder how Total Cookie Protection works with different auth flows, like logging in to Trello using an Atlassian domain. Maybe it’s unaffected; I haven’t really looked at how&#x2F;if cookies are involved in that process, but I can imagine TCP causing some frustration for users. Definitely will give it a shot, though.

It would be nice if this were more obvious to a user without having to read a blog post saying it&#x27;s doing this.<p>Example: In Safari private mode, I can open up Facebook and login, then if I open up a new tab or window and try to go to Facebook it&#x27;s going to prompt me to login.

I switched from long time chrome using to Firefox 2 weeks ago. I also installed the android app. It seems rather slow and the android app is horribly buggy. I gave up and switched to Brave. Now Brave on Android isn&#x27;t great either but it works.<p>I don&#x27;t quite understand the appeal of Firefox other than it maybe having the same appeal as Linux Desktop or LibreOffice(being free and an open alternative).

Doesn&#x27;t everyone set Firefox to delete cookies at shutdown? (with exceptions for a small number of frequently-used trusted sites)