- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Fuck chrome, fuck Google.
so, if were usin firefox, were good to go?
Good in what sense? Firefox is already blocking third party cookies as part of its enhanced tracking protection (which you should set to “strict” level, go do that right now if you didn’t already).
Thank you. Just did it
deleted by creator
Other browser makers such as Apple, Brave, and Mozilla have already begun blocking third-party cookies by default. Google Chrome and Microsoft Edge provide that option, just not out of the box.
Chrome is behind the curve on this.
Kill third party everything. No more CDNs, no more tracking pixels, no more cookies, no more content from anything but the domain in the url bar.
No more CDNs is a bad fucking idea.
Any CDN worth its salt can run on your domain so that’s not an issue. The issue is that no third-party anything is pointless as links will just change from nyt.adnetwork.com to adnetwork.nyt.com. I’d rather not encourage those kinds of DNS shenanigans.
What about a CDN for JS libraries?
What about YouTube embeds?
What about images from Imgur?
Why should all of this be handled by me, on my domain?
You’d tell cloudflare DNS “yo put your stuff on cloudflare-cdn.mydomain.foo”. Embeds should be iframes, that is, different webpages, imgur could do the same though yes it’s overkill. Another option would imgur offering an automated API that would allow cloudflare DNS to tell it “here’s a key, please get ready to serve on imgur-cdn.mydomain.foo”.
It can all be handled on your domain without you actually running the backing servers. It’s also insanity.
Running a CDN on your domain effectively defeats the purpose of CDN.
No. Things being on your domain doesn’t mean that traffic hits your servers.
It doesn’t, but it defeats the purpose of CDN, because your users still hit your domain instead of CDN one and cannot leverage the benefits of distributed caching. Browser cache is bound to a URL, you change one letter and it is invalidated.
Why would the URL change?
It won’t share js libraries and fonts and whatnot cross-site but compared to a single image that should be negligible. At least if you don’t pull in gazillions of superfluous dependencies and don’t even run dead code elimination over them. And anyway that’s more bandwith usage between user and CDN, not user and you.
Also I already said that it’s insanity. But it would work.
Because you’re not using a CDN URL everyone else is.
Savings are massive for the user. If you don’t care about your users, please stop doing anything development related.
Why?
CDNs like CloudFlare reduce load on smaller servers through caching and delivery of common assets, which reduces load times (helping to democratize sites as it’s not just big companies that can afford quick websites). CDNs also prevent DDoS attacks and can improve uptime.
They’re pretty critical pieces of internet architecture. Not that they’re perfect, but banning all third party content from sites is kind of a baby/bathwater situation.
CDNs also reduce load on the network. Why pull a resource from a server on the opposite side of the world when a CDN on my ‘door step’ can provide a cached version of it.
Ah. Thanks!!
The purpose of a CDN is to better cache common resources between different web sites. For example, if you’re using a Roboto font from Google CDN on your web site, just like many other web sites do, the user who previously visited other sites with such font will load your web site much faster and will spend less traffic, because he already has this font from CDN in their cache. It also means that you save money on hosting.
If you remove CDN from the equation, you punish yourself and your users. That’s a very dumb idea. Especially when CDNs are free to use.
What if everything is just routed through the backend and still is able to track you?
But that is a lot harder to do and requires more resources.
If you have a tracking pixel now, the company directly knows your browser from you downloading that pixel. If they were to implement the single-backend stuff, the site would have to gather all that information themselves and then send it to all the trackers. But they can’t just send it somewhere, because then everyone could send bogus info to them so you need verification and an api and that is costly and each company would build their own api so you need to buy a program that speaks all those apis… You get the point. It’s a LOT more work than just pasting the text for some pixel somewhere on your site and let the others do the rest.
Yes please.
This person absolutely HATES Twitter embeds.
Would this destroy site analytics?
Not for Google it won’t.
Getting rid of the competition.
Google would never do that. Google is: “Streamlining products to ensure business owners can expand on potential revenue sources by providing single-channel access to advanced site analytics while helping people optimize access to the broad landscape of available data sources.”
Randomly insert “Advanced Next Generation AI” anywhere in the above for full effect.
No, it would not. If you’re talking GA, that’s all first party.
I’m thinking more along the lines of the aggressive cookies sites like Facebook and Tiktok use. For FB that’s like their whole model.
This is the best summary I could come up with:
With the publication of its notice of intent to deprecate and remove third-party cookies, those involved in the development of Google’s Chrome browser and its associated Chromium open source project now have more specific guidance.
As Google senior software engineer Johann Hofmann observed in his aforementioned notice, the phaseout of third-party cookies and shift to Privacy Sandbox technology – in Chrome at least – is a significant change in the status quo.
The impact of replacing the technical foundation of internet advertising while marketers are still doing business on the premises hasn’t been lost on regulators, who have been trying to ensure that Google builds a level-playing field – something critical lobbying groups have disputed.
Thus Google has agreed to make specific commitments to the UK’s Competition and Markets Authority (CMA) to allay concerns that the Privacy Sandbox doesn’t become a killzone for competitors.
While it seems unlikely that watchdogs want to ensure that every marketer operates from an equal level of informational wealth, competitors have a unique opportunity to hamstring the ad giant by raising the alarm amid its antitrust trials and inquiries around the globe.
“The web in general is rapidly moving away from third-party cookies, with Firefox and Safari leading the way,” said EFF senior staff technologist Jacob Hoffman-Andrews in an email to The Register.
The original article contains 1,739 words, the summary contains 218 words. Saved 87%. I’m a bot and I’m open source!
Good bot
Isn’t it sad that they referred to them as “Google Chrome coders” and not “web developers?”
Tells me everything I need to know.
🙄
The browsers disabling third-party cookies have already been a pain in the ass at my job.
Good
What is your job?
web developer for a med lab system that integrates quite a bit of stuff to hospital admin portals thru iframe.
Today’s dev call consisted of how iframes are tanking subresource integrity audit.
Nah, no need for that.
We’d just tell our customer to enable third-party cookies.
A real conversation I had last week about ad blockers, Google vignette ads, and our sites becoming unresponsive. FML
Real shit.
I spent like a week debugging until I was told “yeah make sure you enable that setting”.
That’s a bad system. Learn some proper security practices.
Are iframes still popular?
Granted I don’t poke around in a lot of websites these days but it feels like it’s been a while since I’ve seen one in the wild.
It’s terrifying to me that you work for a med lab system that is reliant on third party tracking cookies.