Using launchd to Transparently Whitelist Safari's Cookies

Martin Dittus · 2005-07-30 · code, osx, site updates, tools · write a comment

I was looking for ways to automatically start my Safari CookieFilter script, because if I had to launch it manually every time I wanted to clean up Safari's cookies I would never really use it.

On a Windows machine I would put the script into the Autostart folder so that it would be executed upon system startup, but I've found that I never really reboot my Mac, so that wouldn't work.

Another option would be a script that invokes CookieFilter before it launches Safari, and to only start Safari via this script -- but this idea seemed to simple and obvious that quickly I discarded it as uninteresting. After all, I want to learn something along the way of doing this; and I didn't want to mess around with dock icons and Butler to make sure I never executed Safari directly. I was looking for a solution that is as transparent to the user as possible.

So while looking for other ways to automate processes I quickly found that launchd, the system launcher introduced in OS X 10.4, is actually quite interesting for such tasks -- and I had planned to look into it anyway. So I started to read some documentation, and found a solution involving launchd that, while it is a bit of a hack, works quite well, and does everything I need.

While writing the CookieFilter Perl script I had found that Safari uses the shared cookie storage, which is stored in ~/Library/Cookies/Cookies.plist -- you can open it with the Property List Editor to see the cookies.

Safari loads this file once when it starts up, and from then on regularly overwrites the file when there are new or changed cookies. Apparently you can modify the file even when Safari is running -- but the changes are only reflected after Safari has been closed and restarted, because that's the only time when it reads the file.

This creates a nice setup for a solution that mirrors Firefox's great implementation of a cookie whitelist, where all cookies are accepted for the session, but where unwanted cookies (i.e., those which are not in the whitelist) are discarded when the Browser is closed.

Which means: all we have to do is watch for changes to Cookies.plist, and then execute the CookieFilter script. And of course launchd can do that.

Get the updated script and launchd job at the CookieFilter page.


Next article:

Previous article:

Recent articles:

Comments

Comments are closed. You can contact me instead.