I want to allow cookies for a domain but only over HTTPS — not cookies from the same domain that come from HTTP. For example, I don't want any http://www.google.com cookies, but I do want to allow https://www.google.com cookies (because Calendars are there).
Is there a way to do this? Does the goal even make sense?
In Chrome, it only allows domain names, not URLs, to be added to the cookie exception list. In Firefox, it allows a protocol, but it only records the domain name, and if you click "Allow" or "Deny", it changes the same entry in the list.
Best Answer
NoScript for firefox solves this problem:
http://noscript.net/faq#qa6_1 (last three lines of the paragraph)
Details here: http://hackademix.net/2008/09/10/noscript-vs-insecure-cookies/