Protecting a cookie against user deletion

I want to store a cookie that the user will want to keep intact - it contains some preferences for site layout .

I know that Firefox has a plugin (called CookieCuller) which is presumably in js which alllows the user to protect cookies against accidental deletion.

Can someone give me some guidance as to how to do this?

Who is Participating?
No, it may be javascript code, but it is executed by the Firefox browser as if it is part of the browser..

Basically Firefox allows plugins to be written in javascript

And the firefox plugins can access preferences file for themselves by calling the Firefox API

This can't be done from inside a webpage, as the javascript in a webpage will be running inside the security sandbox

If you download the xsi file from here:

To your hard disk, then you can open it with winzip (or similar), and look at the code inside cookieculler.jar (again open it with winzip)

Basically, cookieculler just saves a list of "protected cookies" into its preferences, so that you cannot delete those cookies with "cookieculler"

I assume that you can still delete cookies with the webdevelopers toolbar, etc?

You can't just do this from javascript run on the webpage...

Mutley2003Author Commented:
Thanks Tim

There is a LOT  of code in that xsi file, and I don't pretend to understand it, but it is still just js, right?

So, OK, CookieCuller only protects cookies from CookieCuller, but since js has no access to the filesystem how does it "save a list of protected cookies" ?  In a cookie?

Or is it setting some special fields in those cookies (like ProtectedByCookieCuller=TRUE).. I guess that is a possibility, although surely screwing around with third party cookies is not safe.

So, if we have a cookie containing a list of cookies, how do we know the browser will not delete that master cookie when it reaches its cookie limit? Or is my understanding of that flawed ?? I have this idea that browsers are free to kill cookies once the RFC prescribed limits are breached.


Mutley2003Author Commented:
ok, thanks Tim .. I understand now.

I guess the only way I have of protecting the cookies is to write a small app (not js) that will allow the user to keep a copy of the cookie somewhere else in case it gets deleted, and then restore it. Or keep the preferences on the server

thanks again
Good luck!  Sorry there wasn't an easier solution :-(

And Thanks!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.