Configure Cookies 'SessionOnly' (4)

Occasional Contributor

I've set the GPO 'Configure Cookies' to 'SessionOnly' (4).

In the settings I can set some exceptions.

Is there a GPO to set exceptions too?


4 Replies

@postmaster canastra Hi!  Thanks for reaching out!  Just to confirm, are you referring to the 

CookiesSessionOnlyForUrls Policy (Microsoft Edge Browser Policy Documentation | Microsoft Docs ?


You can also use the CookiesAllowedForUrls and CookiesBlockedForUrls policies to control which websites can create cookies.






My last Message is lost,

So, I answer again.

We want to delete most cookies at exit of the session.

So, we set "Configure Cookies 'SessionOnly' (4)" and all cookies are gone.

But now we need some exception.

Some cookies from selected URL should survive.

In the GUI I can add exceptions to a list.

Now I search a GPO to deploy this to all clients.

With GPO CookiesAllowedForUrls I can set a list to accept new cookies.

But then some URL set every time a new cookie and the settings inside the cookies are lost.

best response confirmed by postmaster canastra (Occasional Contributor)

@postmaster canastra Hi!  Sorry about your technical problems with the forum! 


Hopefully I'm understanding your question, please correct me if I've misinterpreted.  Currently you are using the DefaultCookiesSetting Policy ( to keep cookies for the duration of the session, which is the Option SessionOnly (4) you mentioned, but there are certain cookies you want to save.  Is that correct?  


In that case, have you seen the SaveCookiesOnExit Policy (  When this policy is used, the specified set of cookies is exempt from deletion when the browser closes.  


Please let us know if you are still having issues.  Thanks!






Hi Kelly

Thanks for the SaveCookiesOnExit.

At the moment we had an old version of admx in use (85.0.564.63).

Now I download the newest admx and there is SaveCookiesOnExit available.

So I thinks this works fine and I will test soon.