-
Notifications
You must be signed in to change notification settings - Fork 138
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add exceptions to cookie blocking NOT working in Firefox #1417
Comments
It looks like the second workaround broke due to some project isolation work we did. For instance when opening this project: To be able to run this project correctly in Firefox with the second method, I need to add exceptions for 2 origins:
Where
I also tried adding |
Then, first you should update this document so more users don't end up in the same predicament as me. Secondly, I know the importance of cross-domain security for the site. But if this becomes a barrier that prevents users from using it, or even forces users to lower client security before they can use it, then this is an issue that needs to be thought about and weighed. Thank you for your investigation and quick response! |
We definitely need to update the docs to reflect those changes and the current possibilities. I’ll need input from more knowledgeable team members like @d3lm to know what we can do exactly. |
Relearning everything, I now think that using "Strict Mode" is the best option right now. It provides more advanced protection measures than
I think you should change the wording, which is not "more permissive", but a completely different isolation mechanism. It is also inaccurate to directly compare "Strict" with "Custom", because in fact "Cross-site tracking cookies, and isolate other cross-site cookies" in "Custom" provide the same protection mechanism as "Strict".
References:
|
https://developer.stackblitz.com/platform/webcontainers/browser-config#firefox
According to the above documentation, following method 1 will work in Firefox.
But it still doesn't work after setting it up according to method 2, it's stuck at
Booting WebContainer
.Is documentation method 2 no longer valid or needs updating?
I really don't want to use method 1 to relax restrictions on all sites.
I've done several iterations of this with a brand new Firefox user profile, so I don't think there should be any other distractions there.
I noticed that set
cookies
toCross-site tracking cookies, and isolate other cross-site cookies
in "Custom" mode there is a critical point, above which the option does not work, at or below which it works immediately.network.cookie.cookieBehavior
This restriction greatly reduces the user-friendliness of
stackblitz.com
, and many colleagues are reluctant to use the site due to this problem.Thank you for making this very useful tool, which is what I hoped it would be easier for more people to use with the feedback in the first place.
The text was updated successfully, but these errors were encountered: