javascript - identify third party cookies

Given a cookie with the mon attributes (name, id, etc), is there anyway we can identify if the cookie is a third-party cookie? By that we mean a cookie that has been placed by website B while visiting website A. At the moment, I can see no ways of achieving that but perhaps I've missed something. I'm working on a project related to user privacy online and would like to get a list of websites that left third-party cookies in user's browser. I use Mozilla Firefox Browser.

Share asked Jun 27, 2012 at 12:35 dfads fdasfsa 731 silver badge5 bronze badges

Add a ment |

3 Answers 3

Sorted by: Reset to default 5

There's no way to tell when looking at the store of cookies. The issue is that a cookie is always first party with respect to some site; the third-party-ness relates to the provenance of the cookie. The only way to identify if a cookie was a third-party cookie is to examine the actual header which set the cookie and see if that cookie was set for a domain other than the originating one. Everything is made far more plex by the fact that a cookie can be set for a whole domain (thus foo.bar. is allowed to set for .bar. so that grill.bar. will also see the cookie) and determining whether a suffix is a domain or not is not at all easy (e.g., some countries have multi-level domains).

The final problem is that it's easy enough for the site to request some resource from another domain for real, and set the cookie that way. That's formally not a third-party cookie, as it is being set by the domain it references, but it works in effectively the same way.

Every cookie is set for a domain. You can pare domain names to identify 3rd party cookies. But maybe I did not fully grasp your question.

Based merely on list of cookies created so far in the browser, there is no way to say if a cookie is a third-party cookie.

科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

javascript - identify third party cookies - Stack Overflow

3 Answers 3