Faculty Resources > ‎Canvas FAQ
Browser Settings, Cookies, and Privacy Concerns

The information on this page applies to all users of Canvas (instructors, students, and staff) and third-party tools within Canvas.

Note: Internet Explorer is no longer supported. See the Canvas Supported Browsers page for more details.

What are cookies?

Detailed Description: An HTTP cookie (also called web cookie, Internet cookie, browser cookie, or simply cookie) is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing. Cookies were designed to be a reliable mechanism for websites to remember stateful information (such as items added in the shopping cart in an online store) or to record the user's browsing activity (including clicking particular buttons, logging in, or recording which pages were visited in the past). They can also be used to remember arbitrary pieces of information that the user previously entered into form fields such as names, addresses, passwords, and credit card numbers.

Cookies perform essential functions in the modern web. Perhaps most importantly, authentication cookies are the most common method used by web servers to know whether the user is logged in or not, and which account they are logged in with. Without such a mechanism, the site would not know whether to send a page containing sensitive information, or require the user to authenticate themselves by logging in. The security of an authentication cookie generally depends on the security of the issuing website and the user's web browser, and on whether the cookie data is encrypted. Security vulnerabilities may allow a cookie's data to be read by a hacker, used to gain access to user data, or used to gain access (with the user's credentials) to the website to which the cookie belongs (see cross-site scripting and cross-site request forgery for examples).

Tracking cookies, and especially third-party tracking cookies, are commonly used as ways to compile long-term records of individuals' browsing histories – a potential privacy concern that prompted European and U.S. lawmakers to take action in 2011.

Google Project Zero researcher Jann Horn describes ways cookies can be read by intermediaries, like Wi-Fi hotspot providers. He recommends to use the browser in incognito mode in such circumstances.

Short Description: Cookies are small text files which web servers can place on your computer when you visit their website. Cookies are typically used to help websites remember that you've logged in, or perhaps to store your personal preferences for that website. Cookies can also be used to track your behavior (and particularly to track your behavior across a number of different websites). Third-party cookies are often used to do this, and a lot of web users choose to disable third party cookies to help prevent them being tracked.

Are cookies enabled or disabled on my computer browsers? To find out if your browser is currently set to allow Third-Party cookies, visit this third-party cookies detection page.

How do cookies, tracking, and privacy concerns affect, enhance, or hinder my usage of Canvas and other GU tools? Certain integrated third-party or Georgetown-developed tools in Canvas may not work or load properly if your browser settings are set to block third-party cookies.

Should I enable third-party cookies? There is no simple answer! Since enabling third-party cookies poses tracking and privacy concerns, our recommendation is to use a browser that allows website-specific exceptions rather than globally allowing third-party cookies and tracking on all websites. Unfortunately, the Safari browser can only be configured to globally block or allow all website cookies. Firefox and Chrome, on the other hand, allow per-domain (per website) exceptions to block or allow cookies. As a user, you need to make your own decision about what kinds of cookies you want to allow on the browsers that you utilize on your computer.

As a user you have every right to be concerned about online privacy and tracking.  As a workaround to allowing third-party cookies on the browser of your choice, you may want to consider using a completely different browser exclusively for the Georgetown-provided third-party tools that require global or per-website exceptions with apps/tools such as in the list below.

Tools in Canvas that require third-party cookies

All external apps in Canvas, which are rendered in iframes and use cookie-based sessions, require third-party cookies to be enabled in the browser.  The following is a partial list of such tools:
    • Panopto
    • Photo Roster
    • ShareStream MediaManager
    • Voicethread
    • Zoom

    Enable Third-Party Cookies

Many of the tools used in Canvas require users to have third-party cookies enabled.  When these are not enabled, users may get error messages.  The information provided here is meant to be a general guide, but since browsers are updated frequently students and faculty should refer to the help documentation for their chosen browser for the most up to date information.

Please refer to the help documentation for your browser for current and up to date information on how to enable 3rd party cookies.

Google Chrome

Open your Chrome Browser.
In the address bar, enter this address:  chrome://settings/content/cookies
Make sure that the setting for Block third-party cookies is NOT enabled.
Restart Chrome.

Chrome Third Party Cookies Setting


Open your Chrome Browser.
In the address bar, enter this address:  about:preferences#privacy
Under the section for Content Blocking, select Standard (you may need to refresh your browser tabs after changing this setting).
Restart Firefox.

Firefox Third Party Cookies Setting


Open your Safari browser.
Click on the Safari menu and choose Preferences.
Click on the Privacy tab.
Next to the "Cookies and website data," un-select Block all cookies

Safari Third Party Cookie Setting

Microsoft Edge

Open your Edge Browser.
Click on the More actions button on the toolbar (3 dots), and select Settings.
Scroll down and click on View advanced settings
Scroll down and find the Cookies section.  From the drop down, select Don't block cookies
Restart Edge
Edge Third Party Cookie Setting

Edge Third Party Cookie Setting

How to add cookie exceptions on Chrome:

  1. Open Chrome
  2. Click on the word Chrome in the drop-down menu, then click on Preferences to load “Settings"
  3. Click "Advanced" to display Advanced Settings
  4. In the “Privacy and Security” section, click on "Site Settings"
  5. Under "Permissions," click on "Cookies and site data"
  6. On "Cookies and site date" page, change the following cookies settings:
  7. From "Blocked" to "Allow sites to save and read cookie data (recommended)"
  8. Activate (turn blue) Block third-party cookies
  9. In the "Allow" section (at the bottom of the page) click on the "Add" button

To add a Panopto exception:

To add a Photo Roster exception:

To add a ShareStream exception:
In the "Add a site" pop-up window, type "mediapilot.georgetown.edu" and click on Add

To add a VoiceThread exception:

To add a Zoom exception:

How to add cookie exceptions on FireFox:
...coming soon...

How to add cookie exceptions on Safari:
Unfortunately, it is not possible to add cookie exceptions on Safari.

Alternatives to enabling cookies and/or adding cookie exceptions for individual web sites:

When using Panopto, if cookies have been blocked, users will see the following message:
"We were unable to sign you in because your browser is not accepting cookies.
Click here to open this page in a new tab. You may need to log in again."

Once you click on the word "here," you will be taken to the Georgetown University NetID SSO page in a new window.  Click on "Sign In," where you can enter your NetID and NetID password, and will be allowed to load the Panopto site outside of Canvas.

When using ShareStream, if cookies have been blocked, users will see an error message when attempting to load Media Manager.  Instead of adding a web site exception for ShareStream mediapilot.georgetown.edu, there are two alternatives that would still allow you to utilize ShareStream services:
Option 1:  Enable ShareStream Pick-n-Play in your Canvas site instead of ShareStream MediaManager and simply utilize Pick-n-Play for your media streaming needs. This will allow you to avoid enabling third-party cookies in your browser if you do not wish to do so. 
Option 2:  Simply point your browser to https://mediapilot.georgetown.edu and use ShareStream MediaManager services outside of Canvas.

When using VoiceThread, if cookies have been blocked, user will see the following message:
Local storage is disabled in your web browser. Please adjust your browser settings to correct this, and then go back and access VoiceThread again.  As an alternative to enabling cookies or setting website specific exceptions for VoiceThread, you can simply point your browser to https://georgetown.voicethread.com and simply use VoiceThread outside of Canvas.