Cookie Controls Comparison

In the comparison below, global cookie controls that apply to an entire class of cookies (first-party or third-party) are distinguished from granular cookie controls that users can set on a site-by-site basis.

Cookie Controls Chrome 7 Firefox 3.6 / 4.0 Beta 6 Internet Explorer 8 / 9 Beta Opera 10.6 Safari 5
Global first-party cookie options1
  • Block
  • Allow
  • Block
  • Allow
  • Prompt (allow, allow for session, deny)
  • Block
  • Allow
  • Prompt
  • Allow, prompt, or reject as defined in a privacy settings file created by the user
  • Block
  • Allow
  • Prompt
  • Block
  • Allow
First-party cookie default setting Allowed Allowed Allowed Allowed Allowed
Global third-party cookie options2
  • Block
  • Allow
  • Block
  • Allow
  • Prompt
  • Block
  • Allow
  • Prompt
  • Allow, prompt, or reject as defined in a privacy settings file created by the user
  • Accept cookies only from site visited
  • Allow
  • Accept cookies only from site visited
  • Allow
Third-party cookie default setting Allowed Allowed Allowed3 Allowed Accept cookies only from site visited
Granular (per-site) cookie options
  • Block
  • Allow
  • Session only
  • Block
  • Allow
  • Session only
  • Block
  • Allow
  • Prompt
  • Session only
  • Block
  • Allow
  • Allow cookies only from site visited
  • Session only
  • Prompt
  • None
Cookie retention options
  • Until expiry
  • Until manually deleted
  • Until browser is closed
  • Until expiry
  • Until manually deleted
  • Until browser is closed
  • Prompt each time
  • Until expiry
  • Until manually deleted
  • Until browser is closed
  • As defined in a privacy settings file created by the user
  • Until expiry
  • Until manually deleted
  • Until browser is closed
  • Until expiry
Can prevent deleted cookies from being reset No No No No No
Allow lists can be subscribed to No No No4 No No
Block lists can be subscribed to No5 No No6 No No
Blocking all cookies from being set prevents existing cookies from being read Yes Yes Yes, if set via privacy setting.  No if set via advanced controls. Yes No
Globally blocking third-party cookies / accepting cookies only from site visited prevents acceptance of third-party cookies Yes Yes Yes No Yes
Globally blocking third-party cookies  / accepting cookies only from site visited prevents existing third-party cookies from being read No Yes No No No
Globally blocking third-party cookies  / accepting cookies only from site visited prevents first-party cookies from being used as a third-party cookie7 No Yes No No No

1 Internet Explorer allows users to import an XML privacy preferences file that can describe granular preferences for cookies from particular sites.

2 We distinguish between the ability to block/allow all cookies (which is covered by the global first-party cookie option) and the ability to block only third-party cookies.

3 However, Internet Explorer will block cookies based on their P3P policy.  If it does not have a P3P policy, or its policy specifies certain types of use, the cookie is blocked.

4 Microsoft has recently announced that it will support block and allow lists in the release version of Internet Explorer 9.

5 Chrome, however, does support pattern based domain blocking.

6 Microsoft has recently announced that it will support block and allow lists in the release version of Internet Explorer 9.

7 An example of this scenario is when the user visits Site A and receives a cookie from Site A.  When the user later visits Site B, which happens to have an element from Site A on it, the Site A cookie should not be read and sent to Site A if third-party cookies have been disabled because this cookie is now a third-party cookie.

Share Insight