| |||||||||||||
Mozilla, Google and privacyMozilla, Google and privacyPosted Aug 14, 2009 11:43 UTC (Fri) by Tobu (subscriber, #24111)In reply to: Mozilla, Google and privacy by dlang Parent article: Ubuntu removes "multisearch"
Cookies are set for the domain content was fetched from, but included content makes the distinction irrelevant. This is indeed what I meant by third-party cookies: cookies set by third-party content. I don't suggest breaking the web by refusing third-party content. Just that a cookie set on domain D via inclusion on domain A should not be the same as a cookie set on domain D via inclusion on domain B. As far as cookies are concerned, this should be enough to restore privacy.
(Log in to post comments)
Mozilla, Google and privacy Posted Aug 15, 2009 3:12 UTC (Sat) by dlang (✭ supporter ✭, #313) [Link]
if you refuse to allow cookies for third-party content, you run the very real risk of breaking that third-party content if it needs cookies for it's functionality.
your suggestion to add a referrer-type tag to the cookie store is interesting and I think it would be a very good thing for someone to try implementing.
however it will break some legitimate uses as well as the people you are trying to break. you won't see this breakage on most small sites, but on large sites that spread functionality across multiple URLs you make it will break portions of the site that are common.
Mozilla, Google and privacy Posted Aug 15, 2009 20:17 UTC (Sat) by Tobu (subscriber, #24111) [Link] The sites I could see being broken by this are domains that maintain user sessions across tlds, like google.tld and lastfm.tld . They could use redirects to transfer the session between the .com domain and the country domain. Most sites that run analytics or ads via just a script tag wouldn't bother.
|
|||||||||||||