WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED WONTFIX
Bug 7965
Third Party Cookies Blocked
https://bugs.webkit.org/show_bug.cgi?id=7965
Summary
Third Party Cookies Blocked
Justin Haygood
Reported
2006-03-24 12:59:25 PST
Third Party Cookies are apparently blocked from being used, even with P3P headers set. This can be detrimental to user experience, especially when it comes to advertising. Most third party cookies set are not for "tracking", but for user options, mainly, to confirm that a particular intrusive ad isn't as intrusive, by only being intrusive the first time its seen on any website, not just the first time its seen on a particular website. With third-party cookies blocked, this can be very annoying, specially when the people using Safari happens to be the clients who requested the non-intrusive (but intrusive on first load) functionality. Other browsers: Mozilla Firefox 1.5: allows third party cookies by default Internet Explorer 6 / Windows: blocks without a P3P privacy policy (which is set) Safari: blocked Test Page:
http://apps.eyewonderlabs.com/adWdrVideoSpace/ad/5165/approvalJSTags.html
A JavaScript alert should pop up with the amount of times that ad has been seen. The cookie is set using industry standard methods of using a 1x1 gif to write it, and is read via a JS file that's written out dynamically.
Attachments
Add attachment
proposed patch, testcase, etc.
David Kilzer (:ddkilzer)
Comment 1
2007-07-15 06:21:36 PDT
<
rdar://problem/5336248
>
Roland Liwag
Comment 2
2008-10-16 07:17:28 PDT
This seems to also affect subdomains of a parent domain when set in a frame. It's inconsistent though because it seems to work fine on some domains that I've tried but not others. Here are two examples:
http://test2.foks.se
(cookie not set)
http://test2.almostasbig.com
(cookie is set) In both examples, the cookie is set by image.php which just outputs an image.
Darin Adler
Comment 3
2008-10-30 08:41:51 PDT
I believe this is not a WebKit issue, and so this bugs.webkit.org bug should probably be closed. The cookie handling is outside WebKit, in the networking library. Unless there's something the WebKit layer should be doing.
Alexey Proskuryakov
Comment 4
2008-10-31 14:25:27 PDT
If this bug is about P3P policies (which isn't completely clear to me), then yes, WebKit will need to be modified to apply these.
Jeff Krantz
Comment 5
2009-01-24 13:49:41 PST
https://uverse1.att.com/un/launchAMSS.do?target_action=serviceabilityCheck
Please try the above URL. It claims that cookies are not enabled, and mine are. (In reply to
comment #0
)
> Third Party Cookies are apparently blocked from being used, even with P3P > headers set. This can be detrimental to user experience, especially when it > comes to advertising. > > Most third party cookies set are not for "tracking", but for user options, > mainly, to confirm that a particular intrusive ad isn't as intrusive, by only > being intrusive the first time its seen on any website, not just the first time > its seen on a particular website. With third-party cookies blocked, this can be > very annoying, specially when the people using Safari happens to be the clients > who requested the non-intrusive (but intrusive on first load) functionality. > > Other browsers: > Mozilla Firefox 1.5: allows third party cookies by default > Internet Explorer 6 / Windows: blocks without a P3P privacy policy (which is > set) > > Safari: blocked > > Test Page: >
http://apps.eyewonderlabs.com/adWdrVideoSpace/ad/5165/approvalJSTags.html
> > A JavaScript alert should pop up with the amount of times that ad has been > seen. The cookie is set using industry standard methods of using a 1x1 gif to > write it, and is read via a JS file that's written out dynamically. >
Krystian Nowak
Comment 6
2009-02-13 01:21:55 PST
Either (or even both) priority and severity should be raised (I am not an empowered user to do such things) because it is a real problem for various contemporary services. Regards, Krystian Nowak
Josh Lewis
Comment 7
2010-02-11 10:04:55 PST
This bug is causing serious problems for some Safari users on a central piece of a site I'm working on. It would be great to get this fixed. Even IE has P3P stuff properly implemented. Embarrassing.
Josh Lewis
Comment 8
2010-08-13 09:07:54 PDT
I'm seeing evidence that this bug also causes issues for 3rd party Facebook developers who use iframes, etc. iframes are not the past. They're an important part of the future of the web. Please don't ignore this bug!
Brady Eidson
Comment 9
2017-07-13 21:58:35 PDT
7 years since the last comment, it's probably become clear that many priorities of the WebKit project are centered around protecting users from tracking vectors, and 3rd party cookie blocking (in all of its forms) is just the most basic form of this. Legitimate 3rd parties have many avenues to collude with 1st parties that trust them. This bug currently has no substance we intend to act upon.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug