Menu
When a page includes third party javascript (via <script src=...) and that javascript then sets a cookie, that cookie "becomes" a first party cookie, even though it's originally set by a third party source.
My question is this. If someone has disabled third party cookies in their browser, does that also apply cookies set by third party javascript? Or does it only block cookies that are explicitly set in the headers for requests to the third party domain?
And either way, do all browsers handle this the exact same way or do some block javascript cookies but others allow it?
248
It takes different steps to disable third-party cookies depending on what browser you are using. To disable third-party cookies on the Microsoft Edge browser, click the gear icon in the upper right-hand corner. Select the “Settings” option in the new menu that pops up. Next, click “View Advanced Settings.” In this menu, find the “Cookies” heading.
Cookies are pieces of data that are saved in your web browser by the websites you visit. Third-party cookies have their origins on other domains than the website you visit. Most of the time, third-party cookies are used by ad services to offer you targeted ads that are based on your browsing history and your web searches.
Google’s Privacy Sandbox and third-party cookies in Chrome. In January 2020, Google published a blogpost announcing that Chrome would phase out support for third-party cookies in the browser within two years, starting with trials on conversion measurement and personalization by the end of 2020.
And in 2019, Mozilla's Firefox browser started blocking third-party cookies by default. This doesn't mean that advertisers won't have tools to target you on the country's most popular browsers. Google, in fact, is already testing alternatives to third-party cookies.
I just thought I'd update this after further testing, in case anyone comes across it later.
I tested Firefox 3.6, MSIE 7, Safari 4, Chrome 4, and Opera 10, and they all do in fact support creating cookies via third party javascript, even when third party cookies are disabled. I conclude this is because the cookies are created for the first party domain, so the browsers treat them as first party cookies, even though they are created by a script from a third party source.
It's only cookies created by headers from third party requests that get rejected when this feature is enabled.
67
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
