New: Block Third Party Cookies
|
Apr. 04, 2009, 05:05 PM
Post: #24
|
|||
|
|||
RE: New: Block Third Party Cookies
As for your point 1, exactly.
(Apr. 04, 2009 04:41 PM)Graycode Wrote: 2. GRC doesn't seem to be doing the kind of third-party party cookie that HTTP headers can carry. GRC is instead using multiple domains (grc.com and grctech.com) that each set cookies that aren't automatically sent to the other. It's confusing. If i got you right, saying a 3rd party cookie is e.g. one sent by hotmail.com, carrying a .mail.live.com domain field, that is simply a defunct cookie, and i strongly assume that no halfway recent browser would accept it, no matter what you've told it to do with 3rd party cookies (i'm certain only regarding Firefox, though). I think GRC got it correctly. Wikipedia explains it nicely. What surprised me (besides the favicon story) is that this test page is considering cookies set by an off-domain iframe as 3rd party, too! I would expect a lot of breakage here. |
|||
« Next Oldest | Next Newest »
|