Jump to content

Question regarding "third party cookies"

QQ_cazo
By QQ_cazo
in Programs, Apps and Websites
 Share
Go to solution Solved by Eigenvektor,

If you visit "linustechtips.com" and that site gives you a cookie, that is a first-party cookie. If there's an ad on the site and that ad attempts to set a cookie for the domain "eviladvertiser.com", that is a third-party cookie (because it does not belong to the domain you are visiting)

 

Signing in with Google doesn't mean there are third-party cookies involved. When you click on sign in, you are redirected to Google's site to sign in. Any cookies you receive from Google are now first-party. Once you've signed in, you'll be redirected to the original site with some information to let the site know you've successfully authenticated with Google. The site will accept you as signed in and set its own cookies (which are first-party, since you've been sent back to them).

 

If you go to another site, click on Sign in with Google, that site will, once again, redirect you to Google. Google can now read its own cookies. Based on these cookies, Google knows you're already signed in. As such Google may immediately redirect you back to the originating site, telling them "QQ_cazo is authenticated with us". The originating site will say "Great, we'll accept QQ_cazo as authenticated". The site may once again set its own session cookies.

Posted

So, how are third party cookies determined?

 

 

my reason for thinking this:

 

 

I go on a random website, says "sign in with google" yet, I have 3rd party cookies blocked. Why does only Google still popup yet other services (i.e. my custom 3rd party server, it drops a cookie, shows as blocked)

 

 

isnt 3rd party cookies suppose to be blocked always unless i allow them? (which i havent)

Link to comment
https://linustechtips.com/topic/1415847-question-regarding-third-party-cookies/
Share on other sites
Link to post
Share on other sites
Posted
  • Solution

If you visit "linustechtips.com" and that site gives you a cookie, that is a first-party cookie. If there's an ad on the site and that ad attempts to set a cookie for the domain "eviladvertiser.com", that is a third-party cookie (because it does not belong to the domain you are visiting)

 

Signing in with Google doesn't mean there are third-party cookies involved. When you click on sign in, you are redirected to Google's site to sign in. Any cookies you receive from Google are now first-party. Once you've signed in, you'll be redirected to the original site with some information to let the site know you've successfully authenticated with Google. The site will accept you as signed in and set its own cookies (which are first-party, since you've been sent back to them).

 

If you go to another site, click on Sign in with Google, that site will, once again, redirect you to Google. Google can now read its own cookies. Based on these cookies, Google knows you're already signed in. As such Google may immediately redirect you back to the originating site, telling them "QQ_cazo is authenticated with us". The originating site will say "Great, we'll accept QQ_cazo as authenticated". The site may once again set its own session cookies.

Remember to either quote or @mention others, so they are notified of your reply

Link to post
Share on other sites
Posted
  • Author
On 3/3/2022 at 11:40 PM, Eigenvektor said:

If you visit "linustechtips.com" and that site gives you a cookie, that is a first-party cookie. If there's an ad on the site and that ad attempts to set a cookie for the domain "eviladvertiser.com", that is a third-party cookie (because it does not belong to the domain you are visiting)

 

Signing in with Google doesn't mean there are third-party cookies involved. When you click on sign in, you are redirected to Google's site to sign in. Any cookies you receive from Google are now first-party. Once you've signed in, you'll be redirected to the original site with some information to let the site know you've successfully authenticated with Google. The site will accept you as signed in and set its own cookies (which are first-party, since you've been sent back to them).

 

If you go to another site, click on Sign in with Google, that site will, once again, redirect you to Google. Google can now read its own cookies. Based on these cookies, Google knows you're already signed in. As such Google may immediately redirect you back to the originating site, telling them "QQ_cazo is authenticated with us". The originating site will say "Great, we'll accept QQ_cazo as authenticated". The site may once again set its own session cookies.

but it leaves the following question: before I even click it, it shows my Google username, along with loading all google cookies (by click it, I mean interacting with the signing with Google div. not even hover)

Link to post
Share on other sites
Posted
7 hours ago, QQ_cazo said:

but it leaves the following question: before I even click it, it shows my Google username, along with loading all google cookies (by click it, I mean interacting with the signing with Google div. not even hover)

Not quite sure how that one would work, is it just a div or does it contain an iframe?

Remember to either quote or @mention others, so they are notified of your reply

Link to post
Share on other sites
Posted
1 hour ago, QQ_cazo said:

it shows as a div, peeking inside the full element, therre is no iframe to be seen

I'd have a look at the network tab of your browser. It's quite possible there's some JS that's communicating with Google. Or… are you using Chrome and you're signed into the browser?

Remember to either quote or @mention others, so they are notified of your reply

Link to post
Share on other sites
Posted (edited)
On 3/5/2022 at 3:38 PM, QQ_cazo said:

but it leaves the following question: before I even click it, it shows my Google username, along with loading all google cookies (by click it, I mean interacting with the signing with Google div. not even hover)

Is this what you're talking about?:

Spoiler

image.png.ab8fa770f60e5c91d88a5df5ba2351b7.png

 

On 3/6/2022 at 12:41 AM, QQ_cazo said:

it shows as a div, peeking inside the full element, therre is no iframe to be seen

Well, it is actually an iframe:

Spoiler

image.thumb.png.5115b13a809035f19ca9c2d6db93c53f.png

 

 

On 3/6/2022 at 2:25 AM, Eigenvektor said:

I'd have a look at the network tab of your browser. It's quite possible there's some JS that's communicating with Google. Or… are you using Chrome and you're signed into the browser?

The network tab does show a request to accounts.google.com at about the same time the iframe loads in.

Spoiler

image.thumb.png.b87cd08d9b51ebcb148fb4b65a9a1b82.png

 

Edited by RockSolid1106
On 4/5/2024 at 10:13 PM, LAwLz said:

I am getting pretty fucking sick and tired of the "watch something else" responses. It's such a cop out answer because you could say that about basically anything, and it doesn't address the actual complaints. People use it as some kind of card they pull when they can't actually respond to the criticism raised but they still feel like they need to defend some company/person. If you don't like this thread then stop reading it. See how stupid it is? It's basically like telling someone "shut the fuck up". It's not a clever responsive, it doesn't address anything said, and it is rude. 

 ^

-----

MKBHD is but an Apple propagandist and fanboy. Take his videos with a grain of salt, especially about anything Apple. In his video titled "I Visited Apple's Secret iPhone Testing Labs!", he has shown that he makes no effort to fact check Apple's claims, and takes it at face value. I do not believe he can be trusted as an Reviewer/Influencer.

-----

bruh switch to dark mode its at the bottom of this page

VPN Server Guide

Link to post
Share on other sites
Posted
  • Author
On 3/5/2022 at 12:55 PM, Eigenvektor said:

I'd have a look at the network tab of your browser. It's quite possible there's some JS that's communicating with Google. Or… are you using Chrome and you're signed into the browser?

Signed into chrome.

Link to post
Share on other sites
Posted

-= Moved to Programs, Apps and Websites =-

COMMUNITY STANDARDS   |   TECH NEWS POSTING GUIDELINES   |   FORUM STAFF

LTT Folding Users Tips, Tricks and FAQ   |   F@H & BOINC Badge Request   |   F@H Contribution    My Rig   |   Project Steamroller

I am a Moderator, but I am fallible. Discuss or debate with me as you will but please do not argue with me as that will get us nowhere.

 

Spoiler

Character is like a Tree and Reputation like its Shadow. The Shadow is what we think of it; The Tree is the Real thing.  ~ Abraham Lincoln

You have enemies? Good. That means you've stood up for something, sometime in your life.  ~ Winston Churchill

Reputation is a Lifetime to create but takes only seconds to destroy.

Docendo discimus - "to teach is to learn"

 

  

 CHRISTIAN MEMBER 

 
 
 
 
 
 

 

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Programs, Apps and Websites

×