Safari in New Versions of iOS and macOS Includes Full Third-Party Cookie Blocking
Safari in macOS 10.15.4 and iOS and iPadOS 13.4 includes enhancements to Apple's Intelligent Tracking Prevention feature that allow for full third-party cookie blocking, Apple's WebKit team said today in a new blog post.
Cookies for cross-site resources are blocked by default in the new versions of Safari, introducing significant privacy improvements because it further cuts down on cross-site tracking functionality.
It might seem like a bigger change than it is. But we've added so many restrictions to ITP since its initial release in 2017 that we are now at a place where most third-party cookies are already blocked in Safari. To keep supporting cross-site integration, we shipped the Storage Access API two years ago to provide the means for authenticated embeds to get cookie access with mandatory user control. It is going through the standards process in the W3C Privacy Community Group right now.
The new cookie blocking feature makes sure there's no Intelligent Tracking Prevention state that can be detected through cookie blocking behavior as it removes statefulness, and it also prevents an attacker from seeing ITP status.
Safari's default cookie policy requires a third-party to have "seeded" its cookie jar as first-party before it can use cookies as third-party. This means the absence of cookies in a third-party request can be due to ITP blocking existing cookies or the default cookie policy blocking cookies because the user never visited the website, the website's cookies have expired, or because the user or ITP has explicitly deleted the website's cookies.
Thus, the absence of cookies in a third-party request outside the attacker's control is not proof that the third-party domain is classified by ITP.
Safari is the first mainstream browser to fully block third-party cookies by default, and Apple's WebKit team wants to pave the way for other browsers to do the same, so it plans to report on the experiences of full third-party cookie blocking to W3C privacy groups in an effort to help other browsers make the change as well.
More info on the changes implemented in Safari for iOS, iPadOS, and macOS today can be found in the full blog post.
Popular Stories
Apple released iOS 16.3 in late January following nearly six weeks of beta testing. The software update is available for the iPhone 8 and newer, and while it is a relatively minor update, it still includes a handful of new features, changes, and bug fixes.
Below, we've recapped new features in iOS 16.3, including support for physical security keys as a two-factor authentication option for...
Apple's VP of hardware engineering Matthew Costello and product marketing employee Alice Chan recently spoke with Men's Journal and TechCrunch about the new second-generation HomePod in wide-ranging interviews about the smart speaker.
Apple discontinued the original full-size HomePod in March 2021 after multiple reports indicated that sales of the speaker were lackluster, but Chan told Men's ...
Apple's next device with an Apple silicon chip may not be a Mac or an iPad, but rather an advanced external display, according to recent reports.
The display, which is rumored to arrive this year, is expected to sit somewhere between the $1,599 Studio Display and the $4,999 Pro Display XDR – but more exact information about the device's positioning and price point is as yet unknown. While ...
Apple appears to be preparing an iOS 16.3.1 update for the iPhone, based on evidence of the software in our website's analytics logs this week. It's unclear when the update will be released, but it will likely be available at some point in February.
The same logs have accurately foreshadowed the release of several previous updates, including iOS 16.0.3 and iOS 16.1.1 most recently, so they...
Apple has previously announced several upcoming iOS features that are expected to be added to the iPhone this year. Some of the features could be introduced with iOS 16.4, which should enter beta testing soon, while others will arrive later in the year.
Below, we have recapped five new iOS features that are expected to launch in 2023, such as an Apple Pay Later financing option for purchases ...
The Apple Pay Later service that Apple has in the works is set to launch "soon," Apple CEO Tim Cook told CNBC ahead of today's earnings call for the first fiscal quarter of 2023.
Cook said that Apple employees are beta testing the Apple Pay Later feature, which will help Apple boost services revenue. "It will be launching soon," Cook said.
Apple Pay Later was first previewed at the...
Google's Chromium developers are working on an experimental web browser for iOS that would break Apple's browser engine restrictions, The Register reports.
The experimental browser, which is being actively pursued by developers, uses Google's Blink engine. Yet if Google attempted to release it on the App Store, it would not pass Apple's App Review process.
Apple's App Store rules dictate...
Top Rated Comments
While no company is perfect, it is a true gift to have the largest and best consumer tech company care so much about our privacy. There’s more money in selling us out, so I am grateful for the people of Apple taking a stand on principle.