[kpthunder]

You actually have to allow it per-website per-visit (not even per-session).

[Klathmon]

no, it's per domain.

You only need to per-visit when it's an insecure localhost endpoint or something similar IIRC. (or if you have an extension which clears that setting every page load)