Is there any benefit in disallowing all sites from saving cookies and whitelisting the ones I need to save cookies; or does it make more sense to use a feature like Brave’s Forget me when I close site
instead?
whitelist cookies seems like far more effort, and dunno how much benefit it is over just sanitising on close (and with sanitise you can whitelist sites that you want to keep cookies on close)
I think the answer to this question heavily depends on your usage patterns.
Many people keep a browser open for days or weeks. In that case, ‘sanitize on close’ is still useful but can’t reduce exposure to the degree forgetful browsing or blocking+whitelisting could.
If on the other hand, you typically restart your browser frequently/daily. Sanitize on close may be a reasonable compromise.
here is a basic visual representation of how I see the difference:
I typically use a combination of both: By default, I have disabled all cookies. I only allow cookies for sites I frequently visit for ease of use, such as wanting to remain logged in, or for sites that require cookies to function properly. For the latter one I use forgetful browsing.
Though, I’m unsure if there’s actually any benefit in doing this…
how much breakage do you get into by blocking all cookies (not just third-party ones)?
Interesting graph. Did you do it yourself ?
I thought Clear on Exit (Firefox) and Forgetful browsing (Brave) operated the same. What’s the diference ?
See Brave Browser's Forgetful Browsing for Sanitising
[Forgetful browsing] acts after closing the tab, not the entire session.
I just tested, and it didn’t disconnect me from Github, neither when closing the tabs on the window. I manually enabled forgetful browsing for github specifically.
If you are have multiple tabs connected to the same site, then closing one of them will not trigger Forgetful Browsing. Also, in my experience, it takes a bit of time (~1 minute or so) for it to kick in.
I did. Its meant to be a visual aid, just to illustrate the difference in concept. So don’t read too much into the precise specifics of the chart.
I thought Clear on Exit
(Firefox)and Forgetful browsing(Brave)operated the same. What’s the difference?
The main difference is that “Forgetful browsing” clears cookies on a ‘rolling’ basis (continuously as you browse). Cookies are cleared when you close the last open tab for that domain. Whereas with clear on exit, cookies are cleared only at the point of browser close or manual clearing of cookies. Either are probably more than fine for most people (particularly when you consider that either approach are in addition to cookie isolation (dFPI in Firefox language).
Also note. This is a difference in concept/technique, not a browser to browser difference. On either Firefox or Brave, you can configure ‘clear on exit’ or use “Forgetful Browsing” with Brave or “Cookie Auto Delete” with Firefox. (The latter is a Firefox extension, and was the inspiration for Brave’s ‘forgetful browsing’).
TL:DR “clear on exit” clears all cookies after you browse “forgetful browsing” clears cookies continuously as you browse.