Skip to main content

Comments And Cookie Filters - October 2014

The new, mandatory CAPTCHA form, for blog readers wishing to comment anonymously, has been in service for just under a week.

We're seeing a variety of problems, reported in Blogger Help Forum: Get Help with an Issue, by blog owners and readers alike.

Long ago, for blogs with readers who were not really comfortable with maintaining security on their computers, we would recommend changing comment form placement.

The full page (or the slightly less preferable popup window) comment form was more usable, with readers who do not know how to properly maintain cookie and script filters. With recent changes in Blogger and Google, all Blogger comment forms are now vulnerable to inappropriate filters.
  • Use of the Google "One account" login creates login cookies under "" - not "".
  • Publishing blogs to custom domains - not "" - makes cookie access "third party".
  • Referencing blogs from countries subject to country code aliasing - not as "" - makes cookie access "third party".
  • The new, mandatory commenting CAPTCHA form, part of all Blogger comment form placement options, makes cookie access very important.
All of these issues, considered together, makes proper third party cookie filtering even more critical, than it has been, in the past - and makes new Blogger features more problematic.

The Google "One account" login, at "", is now used by many blog owners and readers - instead of the Blogger native login, at "". When the "" login was used, cookies created under "" were not as vulnerable, to cookie filters.

Whether used under "", or whatever country code alias or custom domain is in use (for the embedded comment form) - or under "" (for the full page and popup window comment forms) - login cookies created under "" (by the Google "One account" login) are vulnerable to "third party" cookie filters.

Blogs published to custom domains are becoming more and more popular. All blogs published to custom domains, which use the embedded comment form, are vulnerable to "third party" cookie filters.

Blogs referenced under country code aliasing are becoming more normal. All blogs subject to country code alias redirection are vulnerable to "third party" cookie filters.

The new, mandatory commenting CAPTCHA form needs to access the Blogger / Google login cookie - so blog readers, who are logged in to Blogger / Google, will not be subject to the CAPTCHA. The embedded, full page, and popup window forms are equally vulnerable to "third party" cookie filters, given the above discussed issues.

Thanks to the Google "One account" login, as Blogger is made a way of life to more of a reader population who have no interest in maintaining security on their computer, these issues will become more problematic.

>> Top


A reader responded as follows, when I suggested adjusting the cookie filters:

"I don't think the cookie thing is the problem. I'm using Google Chrome, I even logged in to my Blogger account. And when I write a comment, I hit post and it slides in to oblivion. If they don't have their own products set up to work with Blogger, they have issues. And, I have tried to post comments on other Blogger accounts where I was required to do a CAPTCHA. And the comments still disappear. Which is especially fun after you've gone through CAPTCHAs several times." This person had been considering moving her blog back to Blogger but is not going to now.
Chuck Croll said…

Thank you, for your opinion.

See my latest reply, after I entered 4 test comments on your blog.

Your reader is entitled to her / his opinon - even so, he / she is wrong.

Popular posts from this blog

Stats Components Are Significant, In Their Own Context

One popular Stats related accessory, which displays pageview information to the public, is the "Popular Posts" gadget.

Popular Posts identifies from 1 to 10 of the most popular posts in the blog, by comparing Stats pageview counts. Optional parts of the display of each post are a snippet of text, and an ever popular thumbnail photo.

Like many Stats features, blog owners have found imaginative uses for "Popular Posts" - and overlook the limitations of the gadget. Both the dynamic nature of Stats, and the timing of the various pageview count recalculations, create confusion, when Popular Posts is examined.

Help! I Can't See My Blog!

I just posted to my blog, so I know that it's there. I can tell others are looking at it. But I can't see it.

Well, the good news is you don't have a blog hijack or other calamity. Your blog is not gone.

Apparently, some ISPs are blocking *, or maybe have network configuration or infrastructure problems. You can access or you can access, but you can't access, or

You can't access them directly, that is. If you can access any free, anonymous proxy servers, though, you may be able to access your blog.

Note: You can use PKBlogs with the URL pre packaged. Here is the address of this post (with gratuitous line breaks to prevent the old post sidebar alignment problem):

And an additional URL, to provide to those suffering from this problem, would be the WordPress version of this post: