Third party cookies...how do they work?

Discussion in 'Javascript' started by Donald Canton, Aug 23, 2003.

  1. Hi,

    I just changed my browser settings to override automatic cookie
    handling and block all third party cookies. Now I'm curious. How are
    third party cookies allowed in the first place? I thought only the
    domain of the web site visited could store and retrieve cookies?

    -dc
     
    Donald Canton, Aug 23, 2003
    #1
    1. Advertising

  2. Donald Canton wrote:
    > I just changed my browser settings to override automatic cookie
    > handling and block all third party cookies. Now I'm curious. How are
    > third party cookies allowed in the first place? I thought only the
    > domain of the web site visited could store and retrieve cookies?


    The site setting the cookie gives permission for specific other domains to
    access it.

    I *think* its handled by http://www.w3.org/P3P/

    --
    David Dorward http://dorward.me.uk/
     
    David Dorward, Aug 23, 2003
    #2
    1. Advertising

  3. Donald Canton

    Randell D. Guest

    "Donald Canton" <> wrote in message
    news:...
    > Hi,
    >
    > I just changed my browser settings to override automatic cookie
    > handling and block all third party cookies. Now I'm curious. How are
    > third party cookies allowed in the first place? I thought only the
    > domain of the web site visited could store and retrieve cookies?
    >
    > -dc


    Are you sure its a third party cookie? I thought my idea was unique, but
    its not - I've seen it somewhere else... I've not proven this myself, but
    my little Javascript makes me *believe* this is possible...

    When createing a cookie, you can pass it your domain name. Thus (I
    *believe) if you are site abc.com, you can create a cookie for def.com -
    Once abc.com has planted the def.com cookie, then abc.com cannot re-read or
    change it - only def.com can.

    Some websites to this that might for example, have one website offering you
    access to partner websites (on different domains). The website you log on
    to could create a cookie for each of the other partner websites to
    acknowledge that you have logged on successfully with them.

    An alternative method (which I have not tried) is a javascript on a third
    party server (for example http://def.com/example.js) could be executed from
    within html from http://abc.com/page.html This *might* permit the example.js
    script to plant a cookie...

    Perhaps someone might be able to comment on what I've said above - I know
    the rough limitations of cookies but do believe the above could be
    workarounds for some solutions.

    Hope that gives you some insight to a solution and I'd be interested if you
    have better Javascript skills than mine to give the above a try...
     
    Randell D., Sep 5, 2003
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Kieran Benton
    Replies:
    3
    Views:
    513
    Ray Cassick \(home\)
    Sep 11, 2003
  2. Chris

    Third party cookies and P3P

    Chris, Apr 8, 2005, in forum: ASP .Net
    Replies:
    1
    Views:
    744
    David Berman
    Apr 25, 2005
  3. Brian J. Sayatovic
    Replies:
    2
    Views:
    336
  4. ASPQuicky
    Replies:
    1
    Views:
    98
    Ken Cox [Microsoft MVP]
    Oct 13, 2004
  5. reading third party cookies

    , Apr 2, 2009, in forum: Javascript
    Replies:
    6
    Views:
    455
    Thomas 'PointedEars' Lahn
    Apr 2, 2009
Loading...

Share This Page