Whitelist specific cross-site cookies?

Hello, I have run into an issue while running Cold Turkey, a website blocking app that I use to prevent myself from spending time on distracting websites during work hours.

Cold Turkey, which is added to Brave via an extension, shows a “blocked” page whenever you try to access a site that you have allowed it to block. The app also allows you to set a custom blocked page rather than the default one (like writing your own custom message that shows there, changing the page colors, etc.). I really like that feature and find it more useful to me than their default block page, which simply says “You’ve quit this site, cold turkey” when I visit a blocked page. That sits with me weird because I haven’t quit the site, I’m just taking a break from it, and a more to-the-point and motivational message helps me better, like setting the custom page to say “You are free from this distraction. Use your time more meaningfully.” That gets me right back on track to my work and feels more motivating than punitive. It’s the energy I need to keep my workflow rather than feel I ran into a roadblock by mindlessly clicking something I wasn’t supposed to. The custom block screen is also a feature of the paid version of the app, which I bought, so I’d like to make use of it.

Here is the issue when it comes to Brave. Cold Turkey uses a cross-site cookie to enable the custom block page to show on the sites you have blocked. The Cold Turkey dev thought that by allowing cookies for his website it would allow the custom page to load on blocked sites, however it didn’t, and would only show the default one on all my blocked pages. I later did some playing around and realized that I needed to enable cross-site cookies either globally or for each site that Cold Turkey blocks, in order for the custom block page to load on those sites.

I don’t like this as a solution because I have to allow ALL cross-site cookies for each of those pages, meaning when I’m not using Cold Turkey to block them, other cross-site cookies can run in the background of those pages, and these are on sites that are notorious for running tens or hundreds of them, like Youtube and other social media.

So, is there a way I can whitelist/allow specific cross-site cookies to run on those pages (specifically, or globally), so that I can get the full functionality of my website blocker app and see the custom block page on those sites, but without allowing all cross-site cookies to run on those pages?

In summary: Simply putting shields down on the Cold Turkey site where the cookie originates, and checking that the cookie from that site is allowed in the cookie settings, does not work. It has to have cross-site cookies allowed on every page it interacts with or the functionality is broken. A way to whitelist a specific cross-site cookie would be the best thing I could think of here.

Brave Version 1.32.113 Chromium: 96.0.4664.45 (Official Build) (64-bit)

Allowing X/Y cookie seems to open invitation for tracking, when you have no control on what the 3rd-party does with your data. Privacy first for good reason and making exceptions would just be asking for trouble.

I would expect cookie based extensions would have issue with Brave, no much we can do here tbh. Maybe the extension shouldn’t use/need cookies to track users, that is bad design imo.

Related: which helps

1 Like

I read the article you shared, but I don’t understand how it would help my situation. It seemed to imply that ephemeral storage wouldn’t work when cross-site cookies are involved and that it would be cleared whenever leaving the site anyways. Is that right? So, for the issue described I don’t see the relevance. Can you explain?

I’ve given a suggestion to the owner/founder of Cold Turkey to include local or non-cookie storage of the custom block page data in a future update, though, I doubt enough people are cookie-blocking and running into this issue that he’ll get enough requests to prioritize it as a feature, but here’s hoping. I would imagine his reason for using a cookie to store this data is to make the feature work across devices since some people use his app on computer and phone, etc. I don’t know the ins and outs of developing an app, so I don’t know if there are other ways to do that, but I brought up my concern with it to him, so here’s hoping.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.