An Important Update

Dear Followers Of This Blog ...

If you did not use a Blogger / Google account when you Followed this blog, years ago, you are probably not Following now . During the past...

Friday, October 31, 2014

Interstitial Warnings And Cookie Filters

Along with problems with comments and unwanted CAPTCHA forms, we're seeing some reports about problems with persistent and unwanted interstitial displays, in Blogger Help Forum: Get Help with an Issue.

The interstitial display, and its use of cookies, is similar to the new mandatory anonymous comments CAPTCHA form. If your identity can't be determined, or your decision to view a blog can't be remembered, an interstitial warning is displayed - just as the CAPTCHA form is displayed, when your readers are preparing to comment.

Interstitial warnings require cookies, both to identify you, and to remember your decisions.

  • In front of a "private" blog, where you have to be identified, to determine your relationship with the blog.
  • In front of a blog that contains (or is reputed to contain) objectionable material (naughty pictures or such), to remember your desire to view the blog, and your decision to continue.
  • In front of a blog that is (or appears to be) published off site, to remember your desire to view the blog, and your decision to continue.
  • In front of a blog that has been blocked, for TOS violation, or maybe for hosting hacking content, where you have to be identified, to determine your relationship with the blog.

If the cookie can't be read, the interstitial code will try again.

If a preference cookie can't be read after being created, the blog display may force you to try again, and re display the interstitial warning. If a session cookie is not accessible to the blog display, the reader gets treated as someone not logged in.

In neither case, does the reader get to go to the next screen, and view the blog.

Both session cookies, and preference cookies, are vulnerable to "third party" cookie filters.

  • A preference cookie is created under "blogger.com", where the interstitial runs.
  • A session cookie is created under "google.com", where you login.

These are third party cookies, being read under the blog published URL.

Both types of cookies are read under "blogspot.com" - or under whatever custom domain, or whatever country code alias, is being used by the blog, as displayed.

Whether a cookie is needed, but non existent - or needed, but can't be read - the result is the same. The reader is unable to continue, and does not get to view the blog, when necessary.

If the computer has a cookie filter, the cookie won't be read.

If a reader is subject to a filter that blocks "third party" cookies, and a preference or session cookie is needed, the reader will be unable to continue. This is a condition that Blogger Engineers cannot program around, because it is part of the security code, in the browser.

Thanks to the Google "One account" login, as Blogger is made a way of life to more of a reader population who have no interest in maintaining security on their computer, these issues will become more problematic.

Dude, hit me with a comment!