Home

Cookie blocking in Edge canary does not work

%3CLINGO-SUB%20id%3D%22lingo-sub-1053218%22%20slang%3D%22en-US%22%3ECookie%20blocking%20in%20Edge%20canary%20does%20not%20work%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1053218%22%20slang%3D%22en-US%22%3E%3CP%3EI%20have%20the%20following%20configured%20on%26nbsp%3B%3CA%20href%3D%22edge%3A%2F%2Fsettings%2Fcontent%2Fcookies%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Eedge%3A%2F%2Fsettings%2Fcontent%2Fcookies%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F160444i542606818126F1F7%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_0.png%22%20title%3D%22clipboard_image_0.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDespite%20this%2C%20the%20following%20is%20from%20%3CA%20href%3D%22edge%3A%2F%2Fsettings%2FsiteData%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Eedge%3A%2F%2Fsettings%2FsiteData%3C%2FA%3E%2C%20even%20after%20closing%20and%20restarting%20Edge.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F160445iD8228DE13BA3A52C%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_1.png%22%20title%3D%22clipboard_image_1.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3BDoes%20this%20feature%20work%20for%20anyone%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1068439%22%20slang%3D%22en-US%22%3ERe%3A%20Cookie%20blocking%20in%20Edge%20canary%20does%20not%20work%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1068439%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F421875%22%20target%3D%22_blank%22%3E%40rshupak%3C%2FA%3E%20Hello%20again%2C%20friend!%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2FDiscussions%2FClear-on-exit-from-edge-settings-content-cookies-does-not-work%2Fm-p%2F1068427%23M19268%22%20target%3D%22_blank%22%20rel%3D%22noopener%22%3EAs%20mentioned%20here%3C%2FA%3E%2C%20can%20you%20try%20again%20since%20there's%20been%20a%20few%20updates%20since%20you%20posted%3F%20If%20so%2C%20please%20try%20it%20out%20in%20Chrome%20Canary%20and%20then%20let%20me%20know%20how%20that%20works.%20We'll%20be%20able%20to%20figure%20out%20our%20next%20steps%20from%20there.%20%3A)%3C%2Fimg%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EMissy%20Quarry%20(she%2Fher%2Fhers)%3CBR%20%2F%3ECommunity%20Manager%20-%20Microsoft%20Edge%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1068463%22%20slang%3D%22en-US%22%3ERe%3A%20Cookie%20blocking%20in%20Edge%20canary%20does%20not%20work%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1068463%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F470968%22%20target%3D%22_blank%22%3E%40MissyQ%3C%2FA%3E%26nbsp%3BNo%20change%20at%20all.%26nbsp%3B%20I'm%20now%20on%26nbsp%3B%3CSPAN%3EVersion%2081.0.363.0%20(Official%20build)%20canary%20(64-bit).%26nbsp%3B%20Here%20is%20an%20entry%20under%20Block%20on%26nbsp%3B%3CA%20href%3D%22edge%3A%2F%2Fsettings%2Fcontent%2Fcookies%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Eedge%3A%2F%2Fsettings%2Fcontent%2Fcookies%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F162000i86907A74E1E8CC8B%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_0.png%22%20title%3D%22clipboard_image_0.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnd%20from%26nbsp%3B%3CA%20href%3D%22edge%3A%2F%2Fsettings%2FsiteData%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Eedge%3A%2F%2Fsettings%2FsiteData%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F162001i05FE6771DA03703C%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_1.png%22%20title%3D%22clipboard_image_1.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EYou%20can%20see%20it%20fails%20blocking%20the%20host%20named%20in%20settings%20directly%20and%20subdomains.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIn%20regard%20to%20subdomains%2C%20I%20believe%20the%20UI%20strongly%20implies%20that%20all%20subdomains%20of%20a%20named%20domain%20are%20covered%20by%20the%20setting.%26nbsp%3B%20Here%20is%20why.%26nbsp%3B%20This%20is%20the%20Add%20dialog.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F162002i848BF792F399BC9A%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_2.png%22%20title%3D%22clipboard_image_2.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3ENote%20the%20wildcard%20in%20front%20of%20the%20name.%26nbsp%3B%20As%20is%2C%20this%20is%20ambiguous%20and%20could%20indicate%20either%20that%20a%20wildcard%20is%20permitted%20or%20that%20one%20is%20implied.%26nbsp%3B%20Now%2C%20here%20is%20the%20UI%20when%20you%20enter%20the%20example%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F162003iEE81E9277E28750D%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_3.png%22%20title%3D%22clipboard_image_3.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EYou%20can%20see%20that%20the%20wildcard%20is%20rejected.%26nbsp%3B%20I%20just%20found%20that%20the%20value%20is%20accepted%20with%20the%20brackets%20as%20shown%20below.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F162006iFB3A6DA255DCDA43%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_0.png%22%20title%3D%22clipboard_image_0.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%20I%20thought%20I%20had%20tried%20this%20long%20ago%20and%20it%20too%20failed.%26nbsp%3B%20I%20don't%20know%20if%20that%20was%20changed%20or%20I%20entered%20it%20wrong.%26nbsp%3B%20I%20will%20try%20this%20but%20it%20is%20a%20side%20issue.%26nbsp%3B%20The%20clear%20evidence%20that%20entering%20%22findagrave.com%22%20and%20cookies%20for%20%22findagrave.com%22%20not%20being%20blocked%20is%20an%20obvious%20failure.%26nbsp%3B%20The%20question%20of%20why%20%22%3CA%20href%3D%22http%3A%2F%2Fwww.findagrave.com%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ewww.findagrave.com%3C%2FA%3E%22%20is%20not%20blocked%20depends%20on%20how%20this%20undocumented%20feature%20is%20expected%20to%20work.%26nbsp%3B%20It%20is%20not%20documented%20anywhere%20that%20I%20can%20find%20nor%20is%20there%20explanatory%20text%20in%20the%20UI.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1092897%22%20slang%3D%22en-US%22%3ERe%3A%20Cookie%20blocking%20in%20Edge%20canary%20does%20not%20work%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1092897%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F421875%22%20target%3D%22_blank%22%3E%40rshupak%3C%2FA%3E%26nbsp%3BHappy%20new%20year!%20Sorry%20I%20did%20not%20respond%20to%20your%20follow%20up%20earlier.%20Holidays%20can%20cause%20some%20craziness%20here.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EI%20did%20receive%20some%20more%20info%20about%20ways%20to%20add%20websites%20to%20it.%20It's%20not%20the%20most%20intuitive%20thing%2C%20and%20I've%20relayed%20that%20feedback%20to%20the%20team%20so%20they%20are%20aware%20this%20isn't%20the%20greatest.%20Aside%20from%20adding%20in%20the%20website%20using%20the%20%5B*.%5D%2C%20you%20can%20also%20add%20websites%20using%20the%20site%20permissions%20settings.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EClick%20the%20lock%20icon%20up%20in%20your%20URL%20and%20select%20Cookies%3A%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F163930i4006D374B200C6E8%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_0.png%22%20title%3D%22clipboard_image_0.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EClick%20on%20the%20domain%20name%20you%20want%20(the%20example%20here%20is%20microsoft.com)%2C%20and%20then%20click%20Block.%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F163932i5903356322E14CA9%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_2.png%22%20title%3D%22clipboard_image_2.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ERefresh%20the%20page%2C%20and%20go%20back%20to%20the%20Cookies%20settings%20and%20click%20the%20Blocked%20tab%20at%20the%20top.%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F163933iDB11948751C5B9F2%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_3.png%22%20title%3D%22clipboard_image_3.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3ETo%20clear%20on%20exit%20for%20that%20specific%20site%2C%20click%20it%20and%20then%20click%20%3CSTRONG%3EClear%20Upon%20Exit%3C%2FSTRONG%3E.%20It%20should%20show%20up%20in%20your%20Settings%20%26gt%3B%20Site%20permissions%20%26gt%3B%20Cookies%20and%20site%20data%20under%20the%20clear%20on%20exit%20portion%20now.%3C%2FP%3E%0A%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F163935i6E6E704BF30EC79B%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_4.png%22%20title%3D%22clipboard_image_4.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EAgain%2C%20not%20entirely%20intuitive%2C%20but%20the%20team%20knows%20that.%20Hopefully%20this%20will%20help%20you%20out%20in%20the%20interim!%20%3A)%3C%2Fimg%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CI%3EMissy%20Quarry%20(she%2Fher%2Fhers)Community%20Manager%20-%20Microsoft%20Edge%3C%2FI%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1092954%22%20slang%3D%22en-US%22%3ERe%3A%20Cookie%20blocking%20in%20Edge%20canary%20does%20not%20work%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1092954%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F470968%22%20target%3D%22_blank%22%3E%40MissyQ%3C%2FA%3E%26nbsp%3BThis%20is%20just%20another%20entry%20point%20to%20the%20existing%20UI.%26nbsp%3B%20The%20root%20bug%20still%20exists.%26nbsp%3B%20This%20UI%20is%20also%20interesting%20because%20it%20doesn't%20do%20what%20you%20would%20think.%26nbsp%3B%20First%2C%20using%20findagrave.com%20as%20an%20example%2C%20I%20have%20the%20following%20configured%20in%20the%20Block%20section%20of%20%3CA%20href%3D%22edge%3A%2F%2Fsettings%2Fcontent%2Fcookies%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Eedge%3A%2F%2Fsettings%2Fcontent%2Fcookies%3C%2FA%3E.%26nbsp%3B%20This%20is%20configured%20to%20block%20this%20host%2Fdomain%20only%20and%20not%20subdomains%2C%20i.e.%20it%20lacks%20the%20%5B*.%5D%20prefix.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F163937i15FFC65E66466CB4%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_1.png%22%20title%3D%22clipboard_image_1.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3BI%20now%20visit%20I%20and%20click%20on%20the%20lock%20icon%20to%20see%20what%20cookies%20were%20set.%26nbsp%3B%20Note%20that%20it%20ignores%20the%20Block%20setting%20and%20accept%20cookies%20anyway.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F163936i5E3DA0740D9E2569%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_0.png%22%20title%3D%22clipboard_image_0.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3BNow%20for%20the%20unexpected%2C%20and%20I%20believe%20broken%2C%20functionality.%26nbsp%3B%20If%20I%20select%20%3CA%20href%3D%22http%3A%2F%2Fwww.findagrave.com%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ewww.findagrave.com%3C%2FA%3E%20in%20this%20dialog%20then%20click%20on%20block%2C%20the%20following%20is%20what%20gets%20added.%26nbsp%3B%20It%20is%20curious%20that%20it%20includes%20subdomains%20by%20default%20when%20the%20UI%20in%20%3CA%20href%3D%22edge%3A%2F%2Fsettings%2Fcontent%2Fcookies%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Eedge%3A%2F%2Fsettings%2Fcontent%2Fcookies%3C%2FA%3E%26nbsp%3Bdoes%20not.%26nbsp%3B%20If%20this%20behavior%20is%20sufficient%20expected%20to%20be%20the%20intent%20that%20this%20UI%20uses%20it%20by%20default%2C%20maybe%20the%20UI%20in%26nbsp%3B%3CA%20href%3D%22edge%3A%2F%2Fsettings%2Fcontent%2Fcookies%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Eedge%3A%2F%2Fsettings%2Fcontent%2Fcookies%3C%2FA%3E%20should%20direct%20users%20to%20this.%26nbsp%3B%20The%20broken%20behavior%20is%20that%20it%20restricted%20the%20block%20to%20HTTPS%20only.%26nbsp%3B%20I%20have%20no%20reason%20to%20expect%20it%20to%20allow%20cookies%20over%20HTTP.%26nbsp%3B%20It's%20also%20curious%20because%20the%20example%20text%20in%20the%20UI%20on%20%3CA%20href%3D%22edge%3A%2F%2Fsettings%2Fcontent%2Fcookies%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Eedge%3A%2F%2Fsettings%2Fcontent%2Fcookies%3C%2FA%3E%26nbsp%3Bgives%20no%20indication%20that%20a%20URL%20scheme%20is%20allowed.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F163938i7905792C83CBF551%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_2.png%22%20title%3D%22clipboard_image_2.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3BAnother%20indication%20that%20this%20is%20a%20bug%20is%20the%20behavior%20when%20I%20click%20on%20findagrave.com%2C%20without%20the%20www.%20subdomain%20prefix%2C%20then%20the%20block%20button%2C%20the%20following%20is%20added%20to%20the%20block%20list%20on%20%3CA%20href%3D%22edge%3A%2F%2Fsettings%2Fcontent%2Fcookies%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Eedge%3A%2F%2Fsettings%2Fcontent%2Fcookies%3C%2FA%3E.%26nbsp%3B%20Note%20that%20this%20lacks%20the%20HTTPS%20prefix%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F163939i7342E6D891BE3AC0%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_3.png%22%20title%3D%22clipboard_image_3.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%20%26nbsp%3BIn%20summary%2C%20the%20problems%20are%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CUL%3E%3CLI%3Ethe%20existing%20block%20entry%20for%20findagrave.com%20is%20not%20honored%3C%2FLI%3E%3CLI%3EBlocking%20%3CA%20href%3D%22http%3A%2F%2Fwww.findagrave.com%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ewww.findagrave.com%3C%2FA%3E%20adds%20an%20HTTPS%20scheme%20excluding%20HTTP%3C%2FLI%3E%3CLI%3EThe%20domain%20and%20subdomains%20are%20blocked%20by%20the%20addition%20of%20the%20%5B*.%5D%20prefix%20which%20is%20not%20indicated%20in%20the%20UI%20and%20the%20user%20is%20not%20informed%20that%20the%20block%20has%20larger%20scope%20than%20requested%3C%2FLI%3E%3C%2FUL%3E%3CP%3EIn%20regard%20to%20the%20latter%2C%20one%20more%20flaw.%26nbsp%3B%20If%20I%20remove%20all%20the%20entries%20for%20this%20domain%20from%20the%20block%20list%20and%20visit%20again%2C%20I%20then%20selected%20the%20findagrave.com%20entry%20(without%20www%20prefix)%20first%20then%20the%20Block%20button.%26nbsp%3B%20Note%20that%20the%20label%20%22Blocked%22%20was%20added.%26nbsp%3B%20It%20is%20almost%20invisible%20which%20is%20a%20UI%20flaw%20but%20not%20the%20issue%20I%20am%20noting.%26nbsp%3B%20Because%20the%20block%20entry%20added%20is%20for%20%5B*.%5Dfindagrave.com%2C%20it%20also%20blocks%20%3CA%20href%3D%22http%3A%2F%2Fwww.findagrave.com%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ewww.findagrave.com%3C%2FA%3E%20which%20is%20not%20labeled%20as%20blocked.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Fgxcuf89792.i.lithium.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F163940iE8216B0085D7870A%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20alt%3D%22clipboard_image_4.png%22%20title%3D%22clipboard_image_4.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
rshupak
Occasional Contributor

I have the following configured on edge://settings/content/cookies

 

clipboard_image_0.png

 

Despite this, the following is from edge://settings/siteData, even after closing and restarting Edge.

 

clipboard_image_1.png

 

   Does this feature work for anyone?

4 Replies

@rshupak Hello again, friend! As mentioned here, can you try again since there's been a few updates since you posted? If it still occurs, please try it out in Chrome Canary and then let me know how that works. We'll be able to figure out our next steps from there. :)

 

Missy Quarry (she/her/hers)
Community Manager - Microsoft Edge

@MissyQ No change at all.  I'm now on Version 81.0.363.0 (Official build) canary (64-bit).  Here is an entry under Block on edge://settings/content/cookies

 

clipboard_image_0.png

 

And from edge://settings/siteData

 

clipboard_image_1.png

 

You can see it fails blocking the host named in settings directly and subdomains.

 

In regard to subdomains, I believe the UI strongly implies that all subdomains of a named domain are covered by the setting.  Here is why.  This is the Add dialog.

 

clipboard_image_2.png

Note the wildcard in front of the name.  As is, this is ambiguous and could indicate either that a wildcard is permitted or that one is implied.  Now, here is the UI when you enter the example

 

clipboard_image_3.png

 

You can see that the wildcard is rejected.  I just found that the value is accepted with the brackets as shown below.

 

clipboard_image_0.png

 

  I thought I had tried this long ago and it too failed.  I don't know if that was changed or I entered it wrong.  I will try this but it is a side issue.  The clear evidence that entering "findagrave.com" and cookies for "findagrave.com" not being blocked is an obvious failure.  The question of why "www.findagrave.com" is not blocked depends on how this undocumented feature is expected to work.  It is not documented anywhere that I can find nor is there explanatory text in the UI.

 

@rshupak Happy new year! Sorry I did not respond to your follow up earlier. Holidays can cause some craziness here.

 

I did receive some more info about ways to add websites to it. It's not the most intuitive thing, and I've relayed that feedback to the team so they are aware this isn't the greatest. Aside from adding in the website using the [*.], you can also add websites using the site permissions settings.

 

Click the lock icon up in your URL and select Cookies:

clipboard_image_0.png

 

Click on the domain name you want (the example here is microsoft.com), and then click Block.

clipboard_image_2.png

 

Refresh the page, and go back to the Cookies settings and click the Blocked tab at the top.

clipboard_image_3.png

 

To clear on exit for that specific site, click it and then click Clear Upon Exit. It should show up in your Settings > Site permissions > Cookies and site data under the clear on exit portion now.

clipboard_image_4.png

 

Again, not entirely intuitive, but the team knows that. Hopefully this will help you out in the interim! :)

 

Missy Quarry (she/her/hers)
Community Manager - Microsoft Edge

@MissyQ This is just another entry point to the existing UI.  The root bug still exists.  This UI is also interesting because it doesn't do what you would think.  First, using findagrave.com as an example, I have the following configured in the Block section of edge://settings/content/cookies.  This is configured to block this host/domain only and not subdomains, i.e. it lacks the [*.] prefix.

 

clipboard_image_1.png

 

   I now visit I and click on the lock icon to see what cookies were set.  Note that it ignores the Block setting and accept cookies anyway.

 

clipboard_image_0.png

 

   Now for the unexpected, and I believe broken, functionality.  If I select www.findagrave.com in this dialog then click on block, the following is what gets added.  It is curious that it includes subdomains by default when the UI in edge://settings/content/cookies does not.  If this behavior is sufficient expected to be the intent that this UI uses it by default, maybe the UI in edge://settings/content/cookies should direct users to this.  The broken behavior is that it restricted the block to HTTPS only.  I have no reason to expect it to allow cookies over HTTP.  It's also curious because the example text in the UI on edge://settings/content/cookies gives no indication that a URL scheme is allowed.

 

clipboard_image_2.png

 

   Another indication that this is a bug is the behavior when I click on findagrave.com, without the www. subdomain prefix, then the block button, the following is added to the block list on edge://settings/content/cookies.  Note that this lacks the HTTPS prefix

 

clipboard_image_3.png

 

   In summary, the problems are

 

  • the existing block entry for findagrave.com is not honored
  • Blocking www.findagrave.com adds an HTTPS scheme excluding HTTP
  • The domain and subdomains are blocked by the addition of the [*.] prefix which is not indicated in the UI and the user is not informed that the block has larger scope than requested

In regard to the latter, one more flaw.  If I remove all the entries for this domain from the block list and visit again, I then selected the findagrave.com entry (without www prefix) first then the Block button.  Note that the label "Blocked" was added.  It is almost invisible which is a UI flaw but not the issue I am noting.  Because the block entry added is for [*.]findagrave.com, it also blocks www.findagrave.com which is not labeled as blocked.

 

clipboard_image_4.png

Related Conversations