Security News > 2020 > March > Apple Enables Full Third-Party Cookie Blocking in Safari

Apple Enables Full Third-Party Cookie Blocking in Safari
2020-03-26 11:53

Apple this week announced that third-party cookies are now blocked by default in Safari on macOS, iOS and iPadOS. The feature represents the latest enhancement the Cupertino-based company brought to its Intelligent Tracking Prevention and is meant to improve the privacy of its users by removing previously accepted exceptions.

Due to continuous improvements made to ITP, most third-party cookies were already blocked in Safari, but other browser makers are also moving toward blocking cookies by default, and Apple decided to make the final step before others.

"Full third-party cookie blocking removes statefulness in cookie blocking. [] Full third-party cookie blocking makes sure there's no ITP state that can be detected through cookie blocking behavior," Apple says.

Blocking third-party cookies disables cross-site request forgery attacks against websites through third-party requests, removes the possibility to identify users through an auxiliary third-party domain, and simplifies development, through the use of the Storage Access API for cookie access as third-party.

The full third-party cookie blocking also means that, once a "Request is blocked from using cookies, all redirects of that request are also blocked from using cookies."


News URL

http://feedproxy.google.com/~r/Securityweek/~3/pminZFPpE2A/apple-enables-full-third-party-cookie-blocking-safari

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 68 212 1433 2208 257 4110