Allows sites to indicate which cookies are allowed to be set or sent in contexts where all ancestor frames belong to the same First-Party Set.
Motivation
In order to increase privacy on the web, browser vendors are either planning or already shipping restrictions on cross-site tracking, such as phasing out third-party cookies. However, modern websites are typically served over multiple domains/sites, many of which are owned by the same organization. First-Party Sets provides a mechanism to group domains/sites belonging to the same organization as being same-party with each other, and thus defines a privacy boundary for websites. The SameParty cookie attribute provides web developers a means to annotate cookies that are allowed to be set or sent in same-party, cross-site contexts; and hence should not be subject to obsoletion. In addition, SameParty cookies are blocked in cross-party, cross-site contexts.
Status in Chromium
Origin trial (tracking bug) in:
- Chrome for desktop release 89
- Chrome for Android release 89
Consensus & Standardization
Owners
Intent to Prototype url
Intent to Prototype threadSearch tags
same-party, same, party, first-party, sets, first, cookie, attribute,Last updated on 2021-02-25