Not all bloggers understand the authentication and cookie issues which are involved, as we update and view our Blogger blogs.
Occasionally we see perplexed queries
Many bloggers aren't aware of the various different domains used by Blogger / Google.
Two of the key domains, in this case, are "Blogger.com", and "BlogSpot.com". The first is where we login, and the second is where many of our blogs are published. And now, "Google.com" becomes a third key domain, with the new Google "One account" login being involved.
With a blog published to a custom domain (not to BlogSpot), we have more possibilities.
Each different domain may contain different code, and should be trusted differently.
Cookies used from "blogger.com", to "blogspot.com", are "third party" cookies.
If you (or your reader) are reading a blog hosted in "BlogSpot.com" (or wherever), and a cookie created in "Blogger.com" is needed, the browser will be able to provide the necessary access only if "third party cookies" are enabled, in all filters. Security filters, which include cookie filtering functions, may be present in various locations on the computer, and the network.
Any cookie or script filter, in any location, can affect your use of various Blogger features.
Blogger and Google use cookies, for serious requirements.
Blogger doesn't use "third party cookies" for fun, or for gratuitous security, they use them because they have cookies created in "Google.com" (when we login to Google) - and used in "Blogger.com" and "BlogSpot.com" (or wherever your blog is published - here, for instance, "nitecruzr.net") when we
By themselves, the popup and separate page comment forms, which use code from "Blogger.com", will not require third party cookies. However, the possibility of CAPTCHA ("word verification") based screening, which runs code from your blog - whatever domain your blog is published in - will require access to third party cookies.
Note the advice on the Settings - Comments - "Show word verification for comments?"
All Blogger comment processes require cookies.
Whether inline, popup, or separate page, your comment form, using CAPTCHA based screening, will also require access to third party cookies.
The unfortunate thing about the "third party cookie" issue is that there's no granularity here, in most browsers. If you enable "third party cookies" so a BlogSpot web page can access a Blogger cookie, then any other web page domain can access cookies created in other domains. You enable one "third party cookie" access, you enable all of them.
With an untrusted website, is unwanted cookies really the most serious danger?
This is yet another reason why you should only surf web sites that you should trust. If you don't trust a given web page to not abuse your computer, and to only access what cookies it should, why are you there in the first place? Always be aware of how reliable are the websites that you surf.
If you have a problem with Blogger, one of the simplest - and most effective - settings to check is the browser cookie filter.
Occasionally we see perplexed queries
I wish blogger didn't insist on the requirement of third-party cookies in order to comment.or
Why do I have to login each time I access my account?
Many bloggers aren't aware of the various different domains used by Blogger / Google.
Two of the key domains, in this case, are "Blogger.com", and "BlogSpot.com". The first is where we login, and the second is where many of our blogs are published. And now, "Google.com" becomes a third key domain, with the new Google "One account" login being involved.
With a blog published to a custom domain (not to BlogSpot), we have more possibilities.
Each different domain may contain different code, and should be trusted differently.
Cookies used from "blogger.com", to "blogspot.com", are "third party" cookies.
If you (or your reader) are reading a blog hosted in "BlogSpot.com" (or wherever), and a cookie created in "Blogger.com" is needed, the browser will be able to provide the necessary access only if "third party cookies" are enabled, in all filters. Security filters, which include cookie filtering functions, may be present in various locations on the computer, and the network.
Any cookie or script filter, in any location, can affect your use of various Blogger features.
Blogger and Google use cookies, for serious requirements.
Blogger doesn't use "third party cookies" for fun, or for gratuitous security, they use them because they have cookies created in "Google.com" (when we login to Google) - and used in "Blogger.com" and "BlogSpot.com" (or wherever your blog is published - here, for instance, "nitecruzr.net") when we
- Publish or delete comments.
- Attempt to access private blogs.
- Require Blogger Stats to ignore our own activity.
- Use (look for) the Quick Edit icons on the face of the blog.
By themselves, the popup and separate page comment forms, which use code from "Blogger.com", will not require third party cookies. However, the possibility of CAPTCHA ("word verification") based screening, which runs code from your blog - whatever domain your blog is published in - will require access to third party cookies.
Note the advice on the Settings - Comments - "Show word verification for comments?"
Blog authors will not see word verification for comments.The comment script must check the authentication cookie, to determine if the commenter is a blog author.
All Blogger comment processes require cookies.
Whether inline, popup, or separate page, your comment form, using CAPTCHA based screening, will also require access to third party cookies.
The unfortunate thing about the "third party cookie" issue is that there's no granularity here, in most browsers. If you enable "third party cookies" so a BlogSpot web page can access a Blogger cookie, then any other web page domain can access cookies created in other domains. You enable one "third party cookie" access, you enable all of them.
With an untrusted website, is unwanted cookies really the most serious danger?
This is yet another reason why you should only surf web sites that you should trust. If you don't trust a given web page to not abuse your computer, and to only access what cookies it should, why are you there in the first place? Always be aware of how reliable are the websites that you surf.
If you have a problem with Blogger, one of the simplest - and most effective - settings to check is the browser cookie filter.
Comments
That's sad. 8-(
Have you posted in Blogger Help Forum: Something Is Broken, or in Nitecruzr Dot Net - Blogging? Peer support is where you get help.
Thanks for the message that I would need to enable third party cookies to comment in your comment form - lol.
driving me crazy.I just enabled 3rd party cookies & all is ok! Funny thing though is how I only had the problem w/ Firefox & not Google Chrome??
but problem solved & i'm now a follower.
tom
it isn't that my blog is in arabic, i can't get as far as my blog
the "FAQ did not "A" my "Q"
I would suppose that's a decision that you have to make. If you want to login to your blog, to post comments, to surf without Stats recording your pageviews, or to use Following completely, you're going to have to allow third party cookies.
Blogger / Google uses multiple domains - and if you want to use Blogger fully, that's the reality.
The bottom line is that the settings are in your browser, they are not tweaks that Blogger can code around.
Try the correct commenting test - one comment, on two blogs!
http://blogging.nitecruzr.net/2010/10/testing-for-problem-with-cookies.html
If you're going to use Blogger, there is some effort that you must make. As I have said before, blogging requires a minimal amount of learning.
http://blogging.nitecruzr.net/2011/07/unfilter-web-selectively.html
http://blogging.nitecruzr.net/2009/09/blogging-is-about-learning.html
If I am reading this correctly, you are saying that readers will never have a problem leaving a comment in an embedded form if you simply disable captchas.
Is that correct? It is just as good as the full page form?
That is good news if so. I'm itching to switch back to embedded, but above all I do not want to increase the "layered security" etc. burden on readers and commenters.
Removal of the CAPTCHA screening would remove one reason for needing access to the authentication cookie.
If completely unrestricted commenting - anonymous, with no CAPTCHA, and no moderation - is allowed, that specific combination of options should allow somebody to comment without third party cookie access.
How many blog owners are that uncaring about the future of their blog?
After reading your site, I changed my privacy settings to allow all cookies and yes it worked, I got to sign in and make a comment as normal. That doesn't explain why, the day before yesterday I could do it anyway! I certainly don't want to allow all cookies and I won't be. I will change it only if I want to make a comment, if that is the only way. I am not happy about it though.
As an aside, since getting a google account to give myself a web id to comment with, I have noticed how rubish it is! Sometimes you can't comment on blogs for a whole day because after making a comment on one blog, you can then neither see or make a comment on any other. It has shown me that if I ever want a blog of my own, I certainly would never in a million years use blogger. Plus half the time it acts confused and treats you like you have a blog when you don't - just a google account, it's very poor. I'm not alone - so many complaints!