Security News > 2020 > March > Apple Safari now blocks all third-party cookies by default

Apple Safari now blocks all third-party cookies by default
2020-03-26 14:10

"The long wait is over," Apple WebKit engineer John Wilander announced on Tuesday: the latest update to the Safari browser is blocking third-party cookies by default for all users.

We've added so many restrictions to ITP since its initial release in 2017 that we are now at a place where most third-party cookies are already blocked in Safari.

Mozilla rolled out the privacy enhancement in September 2019, announcing that Firefox would block both tracking cookies and cryptomining by default.

In a May 2019 post, Google said that it planned to update Chrome to provide users with more transparency about how sites use cookies and would require developers to explicitly specify which cookies are allowed to work across websites and which could thus be used to track users.

Since 'global browser state' has been top of mind in the web privacy community as of late, we'd like to point out that cookies themselves are global state and unless the browser blocks or partitions them in third-party contexts, they allow for cross-site leakage of user information such as login fingerprinting.


News URL

https://nakedsecurity.sophos.com/2020/03/26/apple-safari-now-blocks-all-third-party-cookies-by-default/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apple 72 238 1567 2279 265 4349