2-year-old BUG: cannot remove "Sites that can always use cookies"

Despite there being half a dozen threads and a 2-year-old GitHub ticket about this problem, it hasn’t been fixed. Does Brave — the “privacy browser” — have any plans to ever actually fix this significant privacy bug?

Description of the issue:
Impossible to delete sites from “Sites that can always use cookies” in brave://settings/cookies?search=cookies

How can this issue be reproduced?

  1. brave://settings/cookies?search=cookies > Sites that can always use cookies
  2. Click the trash can next to any item shown

Expected result:
Item will be removed from the list

Actual result:
Nothing happens at all. It’s impossible to remove sites from this list.

Brave Version( check About Brave):
v1.40.107

Additional
I’ve tried the suggested tips. This feature is so broken that turning Shields off actually removes a site from this list, but turning them back on returns it to the list.

3 Likes

@100WattWalrus , @craciu25yt

In a Brave Browser - New Window, go to: brave://flags

Search for: Enable Brave Shields

  • DISABLE: Enable Brave Shields v2
  • ENABLE: Enable Brave Shields v1

In a Brave Browser - New Window, go to: brave://settings/shields

  • Block cookies (aka Cookie blocking): Only cross-site

Visit the cookie-troubled website and set the site-specific Shields (Lion icon) panel setting to UP and the settings to Aggressive/Strict . . . and Cross-site cookies blocked . . . and then open a New Window to brave://settings/cookies and try the Trash can.

Go to: brave://settings/cookies

  • Enable: Block third-party cookies
  • Disable: Clear cookies and site data when you close all windows

Attempt to remove all: Sites that can always use cookies

In a New Window, visit the problematic website - that is a source of cookies that you still cannot remove.

Click on the site-specific Shields (Lion) icon at the right end of the URL address field.

  • Set: Shields UP
  • Set: Cross-site cookies blocked

Next, Right-click on the Padlock icon at the left end of the URL address field.

Scroll down in the resulting pop-down window, to . . . and click on . . . Cookies

A ‘Cookies in use’ window will display (example using the Brave Community website):

Notice that there are Allowed and Blocked tabs.

See if you can Remove the undesired source of cookies, therein.

If all the above does not work, try a reverse . . .

Go to: brave://settings/cookies

Scroll down to Sites that can always use cookies

Click the *Add button

Using the domain of your troublesome website (example: troublesome.com),

Enter [*.]troublesome.com as the site . . . but Do Not Enable:

  • Current Private session only
  • Including third-party cookies on this site

Click the Add button

Enable: Clear cookies and site data when you close all windows

Go to: brave://settings/clearBrowserData

Select tab On exit

Enable: Cookies and other site data

Click on the ‘Save’ button.

Exit / Quit Brave Browser

Restart your computing device.

If problem remains, certainly try:

What @CerealLover suggests, below.

And, try:

What @chh_68 suggests:

Same or related issues:

Hi

Try the warkaround proposed @ Can't remove sites in Settings → Sites that can always use cookies

  1. Open the TAB brave://settings/cookies.
  2. Open another tab for the site listed in “sites that can always use cookies” and toggle ON/OFF Brave Shield (the orange icon) for that site.
  3. Go back to Tab brave://settings/cookies and check if gone. If needed Toggle again ON/OFF brave shield.

These workarounds does not change the need to a permanent fix. The cookies’ settings are not working properly and need to be fixed.

None of these workarounds made me able to set a cookie to be cleaned when the window is closed. It can only change from always allowed to blocked.

1 Like

@FernandoFuvio

For visiting websites, I always use Brave Browser > New Private Window - as my preferred window type.

Thus, when leaving a website and closing the window(s) I had open to that website, the website’s cookies are removed, thanks to how New Private Windows function.

An exception to the windows type that I use, is when using Brave Browser web pages - such as the Settings web pages.

In a Brave Browser > New Window, at: brave://settings/cookies for example.

A particular workaround for the ‘2-year-old BUG’ has been effective:

In a Brave Browser - New Window, go to: brave://settings/shields

  • Block cookies (aka Cookie blocking): Only cross-site

Visit the cookie-troubled website and set the site-specific Shields (Lion icon) panel setting to UP (aka Shields UP) and the settings to Aggressive/Strict . . . and Cross-site cookies blocked . . . and then open a New Window to brave://settings/cookies and try the Trash can, for the respective Cookies source.

By the way, as a practice, I do not set a Shields DOWN condition, though many other users of Brave Browser do, and Brave Support suggests that step.

I believe, that the user should TEST, Shields settings changes, one increment at-a-time.

Because, I view, and treat, Brave Browser Shields as a firewall. And, as a firewall in effect, important to gradually open what is necessary per webpage / per website - instead of summarily disabling the firewall.

Except for a troublesome website, I have the GLOBAL Shields settings always set to Aggressive/Strict.

Yet, I agree that Brave Browser > Settings must work properly, and sources for cookies, listed at brave://settings/cookies under:

  • Sites that can always use cookies
  • Sites that clear cookies when you close them
  • Sites that can never use cookies

. . . should be removeable without having to resort to back-peddling workarounds.

1 Like

Do we have confirmation from the Dev team when this bug will be investigated?

@MrPassey

Delete icon in cookie settings does not delete some entries set from Shields or other settings #8604

https://github.com/brave/brave-browser/issues/8604

As of 2 days ago (July 12, 2022), ‘Verification In Progress’

had this problem for probably a year already - its a pretty important feature for privacy for me so doesn’t fill me with confidence using brave.
i’ve lost my patience with how begrudgingly websites are regulated - these browser settings are an opportunity to disempower obnoxious practices and reward websites we trust.

To be clear, as @289wk stated, this issue has a fix that is being implemented presently: