Privacy Alert (prompt for cookies)

Discontinued Software Weather Watcher - Support
1

Hello.

(using WinXP Pro SP2, IE, all updates)

Since downloading WW 5.6.6, when I view the Current Conditions page (Spledid forecast skin) or click on Day/Hour/Moon tabs, I receive a “Privacy Alert” from IE because I have my cookies set to prompt instead of allow.

The web site referenced in the message is “local” which cannot be remembered by IE. Everything still works correctly regardless of whether I click Allow or Block, so it is not a major problem, just an annoyance.

I have included an image of the error.

http://img58.imageshack.us/img58/2739/wwcookie8ee.gif

And thanks for an awesome program.

2

crash, which version of IE do you have? Which IE setting did you check to turn on that functionality?

3

See http://www.malwarehelp.org/configuring- … orer3.html for IE settings relating to this.

http://images.malwarehelp.org/IE/SMNIE00032.gif

I suspect crash has choosen to override IE’s default settings and has Prompt set for both types of cookies.

Personally I don’t worry about cookies.

Ed</font id=“blue”></font id=“size2”>

4

Hi Mike and EdP.

My IE version is (from IE’s About box):

“Version: 6.0.2900.2180.xpsp_sp2_gdr.050301-1519
Update Versions:; SP2;”

EdP is correct in that I have overridden IE’s default cookie settings. The exact setting is in Tools, Internet Options, Privacy tab, Advanced, check “Override automatic cookie handling”, First-party Cookies set to “Prompt”, Third-party Cookies set to Block, and “Always allow session cookies” is checked.

Ok, I should have just done this to start, but here’s an image of my settings:

http://img49.imageshack.us/img49/5205/iecookie5jx.gif

Thanks for the response.

EDIT: Off-topic, but I don’t see a way in the forum profile to be emailed when someone responds to your topic. Is this possible? I would have responded sooner if had gotten an email notification.

5

The problem will be resolved if you check the “Accept” radio button under “First-party Cookies”.

I don’t see the need to override IE’s cookie settings. You aren’t in any danger by using the default IE settings.

quote:
[i]Originally posted by crash[/i]
Off-topic, but I don't see a way in the forum profile to be emailed when someone responds to your topic. Is this possible? I would have responded sooner if had gotten an email notification.
I checked, but I couldn't find that feature. It doesn't seem to be part of the Snitz forum.
6

Hi Mike.

quote:
[i]Originally posted by Mike Singer[/i]
The problem will be resolved if you check the "Accept" radio button under "First-party Cookies".

I don’t see the need to override IE’s cookie settings. You aren’t in any danger by using the default IE settings.

</font id=“quote”></blockquote id=“quote”>
Well, that’s kind of the whole point of having the option. I don’t want to blindly accept cookies. I agree that cookies aren’t a “danger”, I just don’t want them unless I need them from a particular site.

quote:
[i]Originally posted by Mike Singer[/i]
I checked, but I couldn't find that feature. It doesn't seem to be part of the Snitz forum.
No problem, thanks for checking.
7

I think then you are going to be frequently annoyed with WW 5.6.6 then crash. It uses cookies rather than a data file to remember its Spendid Options’ setting.

To resolve this you will have to go back to an earlier version of 5.6, probably pre 5.6.4, or modify the Splendid Current.wtp to skip cookie processing (not that hard to do), or avoid using the Splendid Forecast skin.

hmmmm I wonder what would happen if you added:

C:\Program Files\Weather Watcher\Skins\Forecasts\Splendid\Current.html

to your list of Managed Sites. Or some part of that. Tools, Internet Options, Privacy tab, Sites…

Mike according to the Snitz Forums site Version 3.4.05 that was released on September 29, 2004 has “Optional Email notification features supporting many popular components”.

Ed</font id=“blue”></font id=“size2”>

8

That’s fine. I can live with a minor annoyance such as this, but I have to imagine that there are other users who also have cookies set to prompt instead of allow.

Unfortunately, IE will not allow you to add an address like that. It must be in the form of x.y.z , http://y.z , or y.z according to the dialog that comes up when you enter an invalid site.

I even tried to add local to the registry where the cookie settings are stored and IE ignores it. This was done by exporting a .reg file for a site that I have allowed, editing the .reg file and changing the site to local, and then reimporting the .reg file. Perhaps it would work with a local address like you suggested, but I have no idea if it should be entire path, path+file, or just file. I have a feeling IE would ignore it anyway.

9
quote:
[i]Originally posted by crash[/i]
Unfortunately, IE will not allow you to add an address like that. It must be in the form of x.y.z , [http://y.z](http://y.z) , or y.z according to the dialog that comes up when you enter an invalid site.
[b]crash[/b] did you try it with:

file:///c:/Program Files/… ?

Searching the 'net for the msg doesn’t help. None of the search engines support looking for “local” very well. [V]

If you get tired of the annoyance let me know, I’ll show you how to “tweak” the Splendid current.wtp code. Though you appear to be the type that can figure that out on your own. [:)]

NB

I just tried the file:///c:/Program Files/… approach and it gets rejected. The title on the window is “Address of Web site” but it only accepts domain names. [:(!]

hmmmm how about adding your pc’s domain. If you’re behind a router you’re a 192.168.x.x address. RIGHT click on My Network Places, click on your Local Area Connection icon and see what it shows as your address in the Details box on the left.

Ed</font id=“blue”></font id=“size2”>

10

I’ve had this annoyance too, but didn’t really care to get rid of it.
Well anyways, just read the thread and thought that if it should accept IPs, why don’t you just try the localhost ip? The “local” suggests that it sees localhost as the sender of the cookie, so guess it should help just adding 127.0.0.1???
But well, i’m not at home right now, so haven’t had a chance to check it out - just hope it works off of the back of my head :cool:

11

Ok, I poked around on google and didn’t really find any answers. In MSKB 296363 http://support.microsoft.com/kb/296363/EN-US/ it says this:

“In earlier versions of Internet Explorer, security levels for cookie settings are configured on the Security tab, on a per-zone basis. In Internet Explorer 6, cookies settings are configured as privacy levels for the Internet zone on the Privacy tab.”

Which seems to ring a bell with me in that in you used to be able to adjust cookie settings based on zones, but not anymore.

So, I tried adding the following to the registry using the same method as before to allow local cookies, but none worked:

localhost
MyComputerName
MyComputerName.Workgroup
127.0.0.1
192.168.0.1
wwTabView

EdP: I tried editing the current.wtp for the Splendid to partially or totally remove the cookie functions, but was unsuccessful. HTML/JavaScript is not one of my stronger skills so if you could point me in the right direction I’m willing to give it another shot.

I couldn’t find a reference to “local” anywhere in the files for WW or in my registry, so I don’t know if that string is coming from WW or IE in some way. One of the pages I read indicated that cookies are always accepted from local or Intranet sites, but some newsgroup posts seemed to contradict this. It certainly would be nice if IE allowed different settings for each zone rather than a global cookie policy.

Found the one page:

“NOTE: All cookies are automatically accepted in the Local intranet and Trusted zones, and blocked in the Restricted zone.”
http://support.microsoft.com/kb/293222/EN-US/

Thanks for the input and ideas guys.

(googles and reads some more MSKB…)

Ah! I found a newsgroup post with reference to local here:
http://groups.google.com/group/microsoft.public.windows.inetexplorer.ie6.browser/browse_thread/thread/2dd749b64299998e/964acabc804b134d

and local is referenced here as well:

How to Use the InternetGetCookie() Function to Retrieve Local Cookies
http://support.microsoft.com/kb/306354/EN-US/

but no info about being prompted for this “local” cookie.

Ok, going on the assumption that “All cookies are automatically accepted in the Local intranet and Trusted zones” as stated in the MSKB article, I tried adding the sites I listed above to my “Trusted Sites”, still no go.

(grr, no + or ; in URL code …fixes urls)

12

@crash

Rather than hack the Registry I suggest you try the the more normal approach of adding sites to the Managed Sites list. Tools, Internet Options, Privacy tab, Sites… It may be doing more than you think.

And after adding the addresses I suggest you reboot to ensure the changes are completely activated. Probably overkill but …

As for editing the current.wtp file, there are two functions that write cookies, saveCookie and createCookie, and to nullify their actions put a // at the begining of lines 102 and 180 of the 5.6.6 current.wtp file. Cookies that have been written will continue to be read and used you just won’t be able to update them with these changes.

BTW some template changes are effective with the next weather retrieval, some when another skin is selected and applied then the changed skin reselected.

I have not tested the above changes myself so let me know if they solve the problem for you. If not they are easy enough to remove. [:)]

Ed</font id=“blue”></font id=“size2”>

13
quote:
[i]Originally posted by EdP[/i] As for editing the current.wtp file, there are two functions that write cookies, saveCookie and createCookie, and to nullify their actions put a // at the begining of lines 102 and 180 of the 5.6.6 current.wtp file. Cookies that have been written will continue to be read and used you just won't be able to update them with these changes.
Nice! This worked perfectly, so I really appreciate the info. I made a backup of current.wtp in case I ever need to go back to the original.

Ok, I’ll stop bugging about the cookie problem now. Thanks again everyone.

14

If you have http://www.singerscreations.com in your trusted sites. this will most likely take care of it, as the newly added tag

<!-- saved from url=(0031)http://www.singerscreations.com -->

will make it behave as if the local page (the forecasts) were in the zone the specified URL is assigned to, hence it would be executed in the trusted sites zone - and if the security settings for this zone hasn’t been changed around to much, it’ll allow cookies, and your problem will be gone.

Update:
I just tried it, and it worked for me :cool: woohoooo, no more cookie warnings for me :mrgreen:

15

Wow!! Nice find Fl?gger! [;)]

In that the line is a comment, ie , I never would have suspected it to be the cause of these problems.

Mike you should add something about this to the FAQ section.

Again, nice job Fl?gger! [:)]

Ed</font id=“blue”></font id=“size2”>