briano_de_rhino — 2012-10-16T07:08:45-04:00 — #1
I need to know how to detect all the cookies on my sites and identify them.
I went to Tools/Page Info and I have a firefox plugin for cookies. Which shows me only one cookie ( d4dad6935f632ac35975e3001dc7bbe8 ). I have no idea what this cookie is for.
I know the cookie law is pants but my workplace insist I comply with all laws so....
molona — 2012-10-16T09:50:38-04:00 — #2
Just got to FF options > Privacy and you will see a link that reads "individual cookie deletion" or similar (I don't know the exact wording because mine is not is English)
There you can see all cookies classfied in folders that represent the site.
briano_de_rhino — 2012-10-16T11:53:18-04:00 — #3
Only one cookie and it is d4dad6935f632ac35975e3001dc7bbe8. Which means nothing to me. I googled it but I still cant figure out where its from or if its one of the functional cookies that the EU cookie law says you dont have to warn the user about.
spacephoenix — 2012-10-16T12:10:57-04:00 — #4
Have a look where the server stores sessions, that cookie might be the one used for the session id
mikl — 2012-10-16T12:28:52-04:00 — #5
Are you responsible for developing and maintaining the site? If so, then surely you know what cookies you are storing? You shouldn't have to rely on your browser to tell you. If you're not involved in maintaining the site, then you should ask the person who is.
In any case, using a browser tool or a plug-in to detect your cookies won't help you comply with the law. It can only tell you what cookies are being stored. The important thing is how they are being used. Only someone who is involved with developing the site can know that.
briano_de_rhino — 2012-10-16T13:20:30-04:00 — #6
I am new to web design (just finished an intensive one year course in html and css and tiny bit of JS) and maintain an existing site for work. The existing site was built with Joomla which I know nothing about and I thought we didnt use any cookies but upon using the browser to find out it says we use a cookie called d4dad6935f632ac35975e3001dc7bbe8 which isnt much use to me to know what the hell it is used for.
briano_de_rhino — 2012-10-16T13:21:37-04:00 — #7
It says that the cookie expires when the session ends.....
molona — 2012-10-16T16:07:27-04:00 — #8
Then, when the session ends, the cookie is not valid any longer and it will be re-created in the next session when he visits that particular website. It looks that it is a session cookie
mikl — 2012-10-17T06:05:59-04:00 — #9
Whether or not this is a session cookie isn't really relevant. The EU law applies equally to session cookies and persistent cookies.
What you have to decide is whether the cookie is essential for the operation of the site. If it is not, then you fall within the scope of the law and must obtain the visitor's consent. (I know that's an oversimplification, but you were asking for technical advice, not legal.)
Since you are using a third-party platform (Joomla), and since you have no control over what cookies that platform uses (now or in the future), it would be prudent to assume that the site does use non-essential cookies, and to proceed accordingly.
briano_de_rhino — 2012-10-17T06:12:10-04:00 — #10
molona — 2012-10-17T14:04:23-04:00 — #11
I don't know the law in relation to cookies so I can't say anything about it. I was simply trying to identify the cookie
mikl — 2012-10-18T04:09:19-04:00 — #12
My apologies, Molona. I wasn't implying any criticism. I just wanted to clarify the point for the benefit of the original questionner.
endermb — 2012-10-18T09:44:55-04:00 — #13
I've done a large number of audits for large-scale sites with tons of cookies and have found this to be the best resource for tackling the EU cookie directive for the UK. Much of it should apply to the rest of Europe, but be sure to check on your own countries implementations.
Frankly, it sucks, and it's already proven to not affect the big players. I know a number of top sites (primarily profit-centre sites) that are outright refusing to comply because they feel the potential £250k fine is less than what they feel their marketing cookies are worth per year. Also, considering the likes of Santander (Bank) are unlawfully breaching customer security through horrendous security practices with not as much as a whimper from the ICO I doubt they've even bothered to check who is using cookies and who isn't.
mikl — 2012-10-18T13:02:52-04:00 — #14
I doubt they've even bothered to check who is using cookies and who isn't.
I'm sure you're right. It's not their normal practice to initiate checks themselves. What they do is respond to complaints from members of the public. The theory is that individuals who feel agrieved at not having the chance to consent to cookies will submit a formal complaint. We'll see.
By the way, the above remark applies to the UK. The authorities in other countries might be more active in enforcing the law.