The code on our computers requires both cookies and scripts, installed on our computers as we use the various Blogger utilities. The cookies and scripts are increasingly susceptible to damage, from improperly implemented layered security.
The most visible component in our layered security strategy is the browser.
Cookies and scripts are considered separately, and differently, for each different browser. When we also consider the multiple domains used by Blogger, and differing trust levels for each domain, we see how complex layered security is to maintain, on any computer.
To start, be careful to allow the non "blogspot.com" alias that may be relevant to your country.
- Cookies: Allow local data to be set
With Firefox, you enable cookies from the browser menu, using Tools - Options - Privacy.
- Under History, ensure that "Firefox will:" is set to "Use custom settings for history". That will give you an array of settings.
- Ensure all settings are selected, except "Clear history when Firefox closes".
- Hit "Exceptions", and ensure that "blogger.com" and "google.com" are given "Allow" status.
- Ensure that "Keep until:" is set to "they expire".
- Hit "OK" to save settings.
- Note that any Firefox add-ons which filter cookies, and offer more detailed options, will have to be dealt with, separately.
Firefox does not contain any native script filters. The most popular add-on for Firefox is NoScript, and this is how most Firefox users filter scripts. You'll need to designate "blogger.com", "google.com", and any Google domain excepting "blogspot.com", as trusted - when you load any display for the domain in question. An untrusted domain will show a "NoScript Untrusted" icon in the status area at the bottom of the window. To enable each domain, you position the cursor over the NoScript icon and select "Allow (domain URL)" in the popup menu.
With Internet Explorer, you enable security settings - both cookies and scripts - from the browser menu, using Tools - Internet Options. Optionally, you may access the "Internet Options" applet directly from the Windows Control Panel.
- IE uses a zone defense setting, where you designate "blogger.com" and "google.com", in Security, as being in the Trusted zone. Please note that "blogspot.com" should not be in the Trusted zone.
- Default settings for the Trusted zone will allow proper filtering of scripts.
- Verify proper settings, with "Trusted sites" selected, and the Security level slider control set to "Medium". Hit "Custom level", and examine the Settings list.
- Look for the "Scripting" section, 3/4 of the way to the bottom of the list.
- You will observe 6 options under "Scripting". Default settings will have all options Enabled, except "Allow Programmatic clipboard access"; you may wish to Enable this to allow easy use of Post Editor.
- Hit "OK", and "Yes" if necessary, then "OK" again.
- You enable Cookies under the "Privacy" tab.
- Set the Privacy slider to "Medium".
- Hit the "Advanced" button, and examine the "Advanced Privacy Settings".
- Both "First party Cookies" and "Third party Cookies" should be set to "Accept".
With Opera, you enable cookies and scripts from the Advanced tab, in the Preferences wizard. The Content menu contains selections for scripting. The Cookies menu contains selections for cookies.
With Safari, you enable cookies and scripts from the Preferences wizard. The Security icon, in Preferences, contains selections for cookies ("Accept cookies"), and for scripts ("Web content"). Select "Always" for "Accept cookies", to enable third party cookie access.
Note that these are known settings, for specified browsers. Both Firefox and Internet Explorer allow additional add-ons, which are installed at the decision of the computer owner. Cookie and script management is one popular add-on function - and comes under many different names. You, the computer owner, must be responsible for any add-ons which you install.
Remember to restart the browser, after changing any filtering settings.