• archchan@lemmy.ml
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      That’s still good practice but first party cookies aren’t exactly trustworthy either. IMO, best to whitelist what you trust and use, permablock what you don’t, and auto-wipe the rest.

        • Daniel@lemmy.mlOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Cookies used by the site, third party would be cross origin.

          (I think)

            • 0xD@infosec.pub
              link
              fedilink
              arrow-up
              2
              ·
              1 year ago

              To be precise, first-party and third-party just means whether the cookie set is for the domain you are currently on, or for another one. The latter do not have to be tracking cookies, but are often used as such. You can see the cookies that your browser is storing for a specific site by visiting it and looking at them in the developer tools (Storage or Application tab, depending on browser). Under the “domain” column you can see what domain it is for.

              Furthermore, there you can look at the Local Storage and Session Storage tables which are also often used to store tracking data but are not prevented by cookie deletion.