Cookie Control

Home ] Up ] Version Info ] Vendor Info ] Glossary ] Suggested Use ] [ Cookie Control ]

 

  


You can make use of Internet Explorer's Security Zones to control Cookies beginning with IE-5.0.

Briefly, you can assign a web-site to the Restricted Zone to always block its Cookies.

You can assign a web-site to the Trusted Zone to always allow its Cookies.

Unless you assign a given web-site to a Security Zone, it is automatically considered to be within the Internet Zone.

You can access the Internet Explorer Security options window by:

  • Click the 'Tools' button on an Internet Explorer window
  • Select 'Internet Options' from the dropdown menu
  • Select the 'Security' tab on the 'Internet Properties' window
  • Click the Icon for a Security Zone to display its setting.

Note:  Older versions of IE may use 'View' rather than 'Tools' and 'Internet Properties' rather than 'Internet Options'.

For IE-6, Cookies are always blocked for the Restricted Zone and Cookies are always allowed for the Trusted Zone.

For IE-6, processing of Cookies for the Internet Zone is controlled by new functions.  A comprehensive explanation of the new functions is well beyond the scope of this document.  Basically, you can indicate your level of tolerance for Cookies by means of a 'slider' that is displayed via the 'Privacy' tab on the 'Internet Properties' window.

If the 'slider' is not at the topmost or bottommost positions, you can use the 'Edit' function to add 'per-site' web-site (Domain Names) to your system to override the 'slider'.  You enter the Domain Name and select 'Always Block' or 'Always Allow'.

For IE-5, by default, Cookies are always blocked for the Restricted Zone and always allowed for the Trusted Zone.  However, you have the option for changing these settings.

Also, IE-5 provides choices for Cookie processing within the Internet Zone.  You can choose 'disable', 'enable' or 'prompt'.  The 'prompt' option indicates that you are to be asked for the disposition for each Cookie as it arrives.


Using PurgeIE to help with Cookie Management

Beginning with version 4.03, PurgeIE can assist you in working with Security Zones.  The 'Protect' window includes a new display area that displays the Domain Name for the URL you select within the main display area.

If a Domain Mask exists on your system that matches (or selects) the Domain Name, the Domain Mask is displayed and the Security Zone that the Domain Mask is assigned to is displayed.

For IE-6, the 'per-site' Cookie setting is displayed if one exists for the Domain Name.

In addition to displaying the above information, you can change these settings for a selected URL (Internet Address) as follows:

Click the 'Domain Mask' area – a dropdown menu is displayed which gives you the following options:

  • Create new Domain Mask in Restricted Zone
  • Create new Domain Mask in Trusted Zone

A dialog box is displayed with a suggested Domain Mask that you can modify before committing to the update.

Click the 'Security Zone' area – a dropdown menu is displayed which gives you the following options:

  • Set Domain Mask to Restricted Zone
  • Set Domain Mask to Trusted Zone
  • Remove Domain Mask– set to Internet Zone

Click the 'Cookie Setting' area – a dropdown menu is displayed which gives you the following options:

  • Set to Always Block
  • Set to Always Allow
  • Clear – set to Default Behavior

You can make use of the PurgeIE display and modification functions to restrict Cookies after the fact.  That is, you can display the contents of the Cookies that made it through your defenses and decide whether you wish to block them.

If you decide to do so, you simply create a suitable Domain Mask for that web-site in the Restricted Zone.  For IE-6, you could simply click the 'Cookie Setting' area and select 'Set to Always Block '.

You can make use of PurgeIE to determine which Cookies made it through your defenses and take corrective action.

Some individuals have created additional custom Security Zones.  The subject of custom Security Zones is also beyond the scope of this document.  For those that use additional Security Zones, the dropdown menus for 'Domain mask' and 'Security Zone' will include them.


Caution – Also delete the Existing Cookie

If you take steps to block Cookies from a web-site, you should also delete the existing Cookie from that web-site.  This is necessary as at least some of the settings for IE-6 will allow existing Cookies to be read by the owning web-site even though that web-site is prevented from creating new Cookies.


Assistance & Resources for Computing, Inc
Copyright © 1999-2015. All rights reserved.
Revised: August 23, 2015