Epiphany cookie whitelist HOWTO

How to configure the Epiphany web browser to ignore the expiry date of cookies, deleting them when the browser is closed, unless the cookies are from a whitelisted web site.


These instructions apply to Epiphany using the gecko backend. Instructions for WebKit are forthcoming.

Configure Epiphany so that all cookies are expired at the end of the browser session:

If you want to totally ignore cookies instead, you could try setting network.cookie.lifetimePolicy to 3 and network.cookie.lifetime.days to 0. Please let me know if this does or does not work.

We will now create a whitelist of domains for which cookies will not have their expiry dates overridden.


The steps that you must take depend on the backend that Epiphany is using. You can discover which backend you are using by going to 'Help' → 'About' and looking for the "Powered by (engine)" text.

If you are using the gecko-1.8 backend, create ~/.gnome2/epiphany/mozilla/epiphany/hostperm.1:

If you are using the gecko-1.9 backend, you will need to install sqlite3, and then run sqlite3 ~/.gnome2/epiphany/mozilla/epiphany/permissions.sqlite:

Alternatively, you can install the extension that I wrote. It is unpolished, but usable—it certainly beats certainly beats using sqlite3 if you are using the gecko-1.9 backend!

To install the extension, drop cookie-whitelist.ephy-extension and cookie-whitelist.py in your ~/.gnome2/epiphany/extensions directory, and then restart Epiphany. Finally, go to 'Tools' → 'Extensions' and enable the 'Cookie whitelist' extension.

You can now add and remove whitelist entries by going to 'Tools' → 'Cookie Whitelist...'

Remove old cookies

Epiphany will not automatically expire non-whitelisted cookies that are already present on your system, so you must do this yourself.

  1. Exit Epiphany
  2. Delete the ~/.gnome2/epiphany/mozilla/epiphany/cookies.txt file if using the gecko-1.8 backend, or ~/.gnome2/epiphany/mozilla/epiphany/cookies.sqlite. If you don't want to blow away all your cookies, edit the appropriate file instead. Obviously, editing cookies.txt in your text editor is far more convenient than running SQL queries against cookies.sqlite. I guess that is the price of progress.

  3. Run Epiphany, and browse with privacy and style!

Whitelist API

It is possible to manipulate the whitelist using Epiphany's extensions mechanism. An example in Python:

   1 import epiphany
   2 s = epiphany.ephy_shell_get_default ().get_embed_single ()
   4 # add an entry to the whitelist; note the first argument is a URL
   5 s.add_permission ("http://lwn.net", "cookie", epiphany.PERMISSION_ALLOWED)
   7 s.list_permissions ("cookie");
   9 # remove an entry from the whitelist; note the first argument is a host name
  10 s.remove_permission ("lwn.net", "cookie")

This is how my cookie whitelist extension (above) works.

robots.org.uk: EpiphanyCookieWhitelist (last edited 2008-07-15 19:42:29 by sam)

© Sam Morris <sam@robots.org.uk>.
Content may be distributed and modified providing this notice is preserved.