Chrome extensions and third party cookies alternative

Asked 1/8, 2021 at 12:35 Answered 14/12, 2022 at 0:40

google-chrome-extension third-party-cookies

On mid-2022 Google plans to disable third party cookies by default. My use with 3rd party cookies is through google chrome extension (not for ads service)

I use an Iframe to translate some words on the document.

It looks something like this:

I have a chrome extension that loads an Iframe (In red)
The Iframe (in green) is under my domain x.com (i wish)
Each request that goes from my iframe client to the server is attaching cookie, but from mid-2022 it will be blocked due to chrome policy change and considering that the cookies are 3rd party

I have tried to find solution for this, All I have found for now is TheTradeDesk Unified ID 2.0 but it will not help me since it's not store value / jwt (its anonymous id)

But could't find any other solution Any ideas how to handle this?Thanks in advance.

Kunkle answered 1/8, 2021 at 12:35 Comment(1)

Did you find a solution? This is coming to bite me and my yet to be released extension, and I figured I should face the issue upfront. – Fanchon 28/1 at 14:43

A good news is that Google keeps postponing the timeline for removing 3rd party cookies from Chrome. Right now (Dec 2022) it's planned for the second half of 2024 (https://blog.google/products/chrome/update-testing-privacy-sandbox-web/).

Eventually, we'll need a workaround, though. As @schmkr mentioned, Chrome extension's own code (background page / service worker, and iframes sources from the embedded HTML via chrome://... URLs) are not considered 3rd party. So there are two workarounds:

Pack your iframe app (html/js) as a part of the chrome extension instead of loading it from the external website (x.com in your example).
Keep the iframe app externally sourced, but change its logic. It should not send XHR/Fetch requests any more. Instead it should ask the extension background page / service worker to do that (using the messaging API).

Nisbet answered 14/12, 2022 at 0:40 Comment(0)

We're also facing something similar, where we noticed if you have your browser configured to block 3rd party cookies, functionality regarding authentication did not work.

This afternoon, we followed a hunch to try and see if the setting to block 3rd party cookies also has an effect on an extension's background page (we're still using manifest v2). And turns out, it is not. So even with 3rd party cookies being blocked, requests made from the extension's background page can still use them.

Not sure if this is by design or a bug. And we still need to investigate how this works with manifest v3.

But hope this helps!

Cantillate answered 3/8, 2022 at 15:48 Comment(1)

what did you find out on manifest v3? – Remunerate 26/7 at 9:51

Recommended topics

Hot tags