最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客

javascript - identify third party cookies - Stack Overflow

programmeradmin6浏览0评论

Given a cookie with the mon attributes (name, id, etc), is there anyway we can identify if the cookie is a third-party cookie? By that we mean a cookie that has been placed by website B while visiting website A. At the moment, I can see no ways of achieving that but perhaps I've missed something. I'm working on a project related to user privacy online and would like to get a list of websites that left third-party cookies in user's browser. I use Mozilla Firefox Browser.

Given a cookie with the mon attributes (name, id, etc), is there anyway we can identify if the cookie is a third-party cookie? By that we mean a cookie that has been placed by website B while visiting website A. At the moment, I can see no ways of achieving that but perhaps I've missed something. I'm working on a project related to user privacy online and would like to get a list of websites that left third-party cookies in user's browser. I use Mozilla Firefox Browser.

Share asked Jun 27, 2012 at 12:35 dfads fdasfsadfads fdasfsa 731 silver badge5 bronze badges
Add a ment  | 

3 Answers 3

Reset to default 5

There's no way to tell when looking at the store of cookies. The issue is that a cookie is always first party with respect to some site; the third-party-ness relates to the provenance of the cookie. The only way to identify if a cookie was a third-party cookie is to examine the actual header which set the cookie and see if that cookie was set for a domain other than the originating one. Everything is made far more plex by the fact that a cookie can be set for a whole domain (thus foo.bar. is allowed to set for .bar. so that grill.bar. will also see the cookie) and determining whether a suffix is a domain or not is not at all easy (e.g., some countries have multi-level domains).

The final problem is that it's easy enough for the site to request some resource from another domain for real, and set the cookie that way. That's formally not a third-party cookie, as it is being set by the domain it references, but it works in effectively the same way.

Every cookie is set for a domain. You can pare domain names to identify 3rd party cookies. But maybe I did not fully grasp your question.

Based merely on list of cookies created so far in the browser, there is no way to say if a cookie is a third-party cookie.

发布评论

评论列表(0)

  1. 暂无评论