Google intends to stop supporting third-party cookies in Chrome by 2022

Google has announced its intention to completely stop supporting, within the next two years, third-party cookies in Chrome, that is, cookies set when accessing sites other than the domain of the current page. Such cookies are used to track user movements between sites by the code of advertising networks, social network widgets and web analytics systems.

Like the intention announced yesterday to unify the User-Agent header, the rejection of third-party cookies is being advanced as part of the Privacy Sandbox initiative, which aims to reach a compromise between users' need to maintain privacy and the desire of advertising networks and sites to track visitors' preferences. By the end of this year, additional APIs for measuring conversions and personalizing ads without third-party cookies are expected to be included in the browser in origin trial mode.

To determine the category of a user's interests without individual identification and without reference to the history of visits to specific sites, advertising networks are encouraged to use the FLoC API; to evaluate user activity after a click-through on an ad, the Conversion Measurement API; and to distinguish users without cross-site identifiers, the Trust Token API. Specifications for displaying targeted advertising without violating confidentiality are being developed by a separate working group created by the W3C.

Currently, to protect against cookies being transmitted during CSRF attacks, the SameSite attribute specified in the Set-Cookie header is used. Since Chrome 76 it is set to "SameSite=Lax" by default, restricting the sending of cookies for content embedded from third-party sites, but sites can override the restriction by explicitly setting SameSite=None on the cookie. The SameSite attribute can take two values, 'strict' or 'lax'. In 'strict' mode, cookies are not sent for any kind of cross-site request. In 'lax' mode, more relaxed restrictions apply and cookie transmission is blocked only for cross-site subrequests, such as requesting an image or loading content via an iframe.

Chrome 80, scheduled for Feb. 4, will have a tighter restriction that prevents third-party cookies from being processed for non-HTTPS requests (with the SameSite=None attribute, cookies can only be set in Secure mode). In addition, work continues on tools to detect and protect against workaround methods of tracking and hidden identification ("browser fingerprinting").
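The cookie rules described in the two paragraphs above, as an added example that is not part of the original article: a small JavaScript auditor that parses Set-Cookie header values and reports how each cookie would be treated in a cross-site context under those rules. The function names and the sample headers are constructed for illustration.

```javascript
// Added example: audit Set-Cookie values against the SameSite rules above.
// Function names and sample headers are constructed, not taken from Chrome.

// Parse one Set-Cookie header value into a name and lower-cased attributes.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: eq < 0 ? pair : pair.slice(0, eq), attrs: {} };
  for (const attr of attrs) {
    if (!attr) continue;
    const i = attr.indexOf('=');
    const key = (i < 0 ? attr : attr.slice(0, i)).trim().toLowerCase();
    cookie.attrs[key] = i < 0 ? true : attr.slice(i + 1).trim();
  }
  return cookie;
}

// Classify one cookie:
//  - SameSite missing or unrecognized -> the browser default, "lax"
//  - SameSite=None without Secure     -> rejected (the Chrome 80 rule)
function auditCookie(header) {
  const { name, attrs } = parseSetCookie(header);
  const raw = typeof attrs.samesite === 'string' ? attrs.samesite.toLowerCase() : '';
  const explicit = ['strict', 'lax', 'none'].includes(raw);
  const mode = explicit ? raw : 'lax';
  const rejected = mode === 'none' && !('secure' in attrs);
  return {
    name,
    mode,
    defaulted: !explicit,
    rejected,
    // Images, iframes and other embedded loads from another site.
    sentOnCrossSiteSubrequest: !rejected && mode === 'none',
    // Following a link from another site to this one.
    sentOnCrossSiteNavigation: !rejected && mode !== 'strict',
  };
}

// Constructed sample headers covering each case.
const SAMPLE_HEADERS = [
  'session=abc123; Path=/; HttpOnly',   // no SameSite: defaults to lax
  'csrf=9f2; SameSite=Strict; Secure',  // never sent cross-site
  'widget=w1; SameSite=None; Secure',   // deliberate third-party cookie
  'tracker=t1; SameSite=None',          // rejected: None requires Secure
];

console.table(SAMPLE_HEADERS.map(auditCookie));
```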

Recall that in Firefox, since release 69, cookies of all third-party tracking systems are ignored by default. Google considers this blocking justified, but as requiring the preparation of the Web ecosystem and the provision of alternative APIs to perform the tasks for which third-party cookies were previously used, without violating privacy and without undermining the monetization models of ad-funded sites. In response to cookie blocking without an alternative, ad networks did not stop tracking but only moved to more sophisticated methods, based on hidden user identification (fingerprinting) or on creating separate subdomains for the tracker in the domain of the site where the ad is displayed.

Source: opennet.ru
