Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: Cookies.  (Read 4932 times)

tickmike

  • Kitizen
  • ****
  • Posts: 3640
  • Yes Another Penguin !. :)
Cookies.
« on: June 02, 2018, 02:33:40 PM »

I keep getting this every time I open my FF browser with my forum tab on it.
It has only started happening since the new agreement.

Cookies help us deliver our services. By using our services, you agree to our use of cookies.'Learn more' 'Agreed'

Also get logged out each time browser is closed.

I have not changed my cookie settings in FireFox.
Logged
I have a set of 6 fixed IP's From  Eclipse  isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

roseway

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 43467
  • Penguins CAN fly
    • DSLstats
Re: Cookies.
« Reply #1 on: June 02, 2018, 02:53:48 PM »

Does your browser configuration accept cookies?
Logged
  Eric

tickmike

  • Kitizen
  • ****
  • Posts: 3640
  • Yes Another Penguin !. :)
Re: Cookies.
« Reply #2 on: June 02, 2018, 03:01:54 PM »

Yes till I close it.
As I said that was the setting I always use and never had any problems before.
Logged
I have a set of 6 fixed IP's From  Eclipse  isp.BT ADSL2(G992.3) line>HG612 as a Modem, Bridge, WAN Not Bound to LAN1 or 2 + Also have FTTP (G.984) No One isp Fixed IP >Dual WAN pfSense (Hardware Firewall and routing).> Two WAN's, Ethernet LAN, DMZ LAN, Zyxel GS1100-24 Switch.

Browni

  • Reg Member
  • ***
  • Posts: 137
Re: Cookies.
« Reply #3 on: June 02, 2018, 04:49:40 PM »

Is the time correct on your PC?

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33879
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: Cookies.
« Reply #4 on: June 02, 2018, 08:09:26 PM »

GDPR changes.  Now you have to give specific consent for processing - see here.
Now you must accept the agreement because without cookies then parts of the site just would not work.

Quote
Yes till I close it.

By that do you mean you clear cookies when you close your browser.  If so then thats the reason why - the only way that the site can know if you will accept cookies is by setting another cookie to say you've accepted.   When you clear cookies then I've no way of knowing that you've previously given cookie consent, so the message will re-appear.   Same with login which also uses cookies.   

Have you not noticed that within the past week just about every website now presents you with a cookie notification.  I sure have.  Every time I go to a new site up pops their cookie consent and/or privacy policy.   I'm getting a bit bored of it now..  but that's legislation for you :(

Not all cookies are bad.


Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: Cookies.
« Reply #5 on: June 02, 2018, 08:21:27 PM »

I usually set persistent cookies in the main browser options.
Then use an addon that wipes cookies after a while, and allows me to override it for certain domain such as kitz.co.uk.  So in affect best of both worlds.

On Chrome its Vanilla cookie manager I use.

It is possible to remember user settings without local cookies, but its more complex and difficult for developers, hence cookies been more widely adopted.
Logged

Bowdon

  • Content Team
  • Kitizen
  • *
  • Posts: 2395
Re: Cookies.
« Reply #6 on: June 02, 2018, 08:41:05 PM »

I noticed yesterday when I closed my PC down as a storm was coming in, when I booted back up every site I'm normally logged in to had logged me out. It was very strange. Seems like it would be a big coincidence.
Logged
BT Full Fibre 500 - Smart Hub 2

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33879
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: Cookies.
« Reply #7 on: June 03, 2018, 06:38:25 PM »

Quote
It is possible to remember user settings without local cookies, but its more complex and difficult for developers, hence cookies been more widely adopted.

It would be extremely difficult.  I can't think how you could do this.   IP addresses would be inefficient and you cant get MAC address using http requests.

Ignoring the fact that a webserver cannot get the MAC addresses without running some sort of app... and say you were to use the MAC address you would then need to set up a database which will be storing what would be classed under GDPR as personally identifying data.  So you would then have to disclose this in your privacy policy.. and because it is classed as personal data you'd have to have a pop-up for that because they would have to give implicit consent.  The legislation on personal data is more complex than cookie consent.  :(
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33879
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: Cookies.
« Reply #8 on: June 03, 2018, 06:40:09 PM »

when I booted back up every site I'm normally logged in to had logged me out. It was very strange. Seems like it would be a big coincidence.

Sounds like something cleared your cache/cookies when shutting down the PC.
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: Cookies.
« Reply #9 on: June 03, 2018, 06:47:28 PM »

The only way I can think of immediately without devoting any time to it for a web server to remember a user without using cookies would be to hand out unique decorated urls which contain persistent per-user connection id information. Then each time a user follows a link then the server would be able to map the special url to a connection object internally and maintain a persistent conversation that way. It is a bit of a nightmare and means you can't have static pages, nor pages with quotable 'cool' sensible urls, which is dreadful. There is also a security hole in that a user could copy a url and give it to their friend thus giving the friend access to the first user’s session all though this could be ameliorated with the use of ip address matching and possibly timeouts. IP address matching would fail in the presence of NAT though. It just gets worse and worse basically.
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: Cookies.
« Reply #10 on: June 03, 2018, 11:04:21 PM »

It would be extremely difficult.  I can't think how you could do this.   IP addresses would be inefficient and you cant get MAC address using http requests.

Ignoring the fact that a webserver cannot get the MAC addresses without running some sort of app... and say you were to use the MAC address you would then need to set up a database which will be storing what would be classed under GDPR as personally identifying data.  So you would then have to disclose this in your privacy policy.. and because it is classed as personal data you'd have to have a pop-up for that because they would have to give implicit consent.  The legislation on personal data is more complex than cookie consent.  :(

Just fingerprint the connecting client, which now days is pretty easy to do.  Another option would also to be just to tie to the end user account.  Cookies is no doubt easier tho hence that been the popular choice.
Logged

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33879
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: Cookies.
« Reply #11 on: June 04, 2018, 02:43:32 AM »

Is fingerprinting not overkill for viewing http webpages?  In fact I'm not even sure what GDPR would make of that,  they are currently undecided about the use of IP addresses and web logs for stats such as webalizer  ???
If you used fingerprinting that would be seen as personally identifying data so you'd then have to do a pop-up to your privacy notice and keep track of that too and any keys. 

Cookies are a lot more straight forward.
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: Cookies.
« Reply #12 on: June 04, 2018, 03:33:57 AM »

Forgive my ignorance, what is fingerprinting?
Logged

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 7382
  • VM Gig1 - AAISP L2TP
Re: Cookies.
« Reply #13 on: June 04, 2018, 06:50:36 AM »

Is fingerprinting not overkill for viewing http webpages?  In fact I'm not even sure what GDPR would make of that,  they are currently undecided about the use of IP addresses and web logs for stats such as webalizer  ???
If you used fingerprinting that would be seen as personally identifying data so you'd then have to do a pop-up to your privacy notice and keep track of that too and any keys. 

Cookies are a lot more straight forward.

To be honest I wouldnt even consider it as GDPR now for sure makes it a hassle because you storing data, and although it can be considered anonymous data (if not tied to account) I am not sure of the legalities under the new legislation.

The pros of cookies are the end user has control if they stored, its simpler for the web admin, its simpler on the legal side of things.

The pros of server side session storage is the web admin doesnt need to worry if a cookie is been accepted or not in a browser, so the control of the storage moves from end user to the web admin.
Logged

spring

  • Reg Member
  • ***
  • Posts: 342
Logged
No one knows what is the taste of the void.
 

anything