• lemmyvore@feddit.nl
      link
      fedilink
      English
      arrow-up
      36
      ·
      1 year ago

      Good in what sense? Firefox is already blocking third party cookies as part of its enhanced tracking protection (which you should set to “strict” level, go do that right now if you didn’t already).

      • AbidanYre@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        1 year ago

        Other browser makers such as Apple, Brave, and Mozilla have already begun blocking third-party cookies by default. Google Chrome and Microsoft Edge provide that option, just not out of the box.

        Chrome is behind the curve on this.

  • Pxtl@lemmy.ca
    link
    fedilink
    English
    arrow-up
    46
    arrow-down
    12
    ·
    1 year ago

    Kill third party everything. No more CDNs, no more tracking pixels, no more cookies, no more content from anything but the domain in the url bar.

      • barsoap@lemm.ee
        link
        fedilink
        English
        arrow-up
        7
        arrow-down
        2
        ·
        edit-2
        1 year ago

        Any CDN worth its salt can run on your domain so that’s not an issue. The issue is that no third-party anything is pointless as links will just change from nyt.adnetwork.com to adnetwork.nyt.com. I’d rather not encourage those kinds of DNS shenanigans.

        • LufyCZ@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          What about a CDN for JS libraries?

          What about YouTube embeds?

          What about images from Imgur?

          Why should all of this be handled by me, on my domain?

          • barsoap@lemm.ee
            link
            fedilink
            English
            arrow-up
            3
            ·
            edit-2
            1 year ago

            You’d tell cloudflare DNS “yo put your stuff on cloudflare-cdn.mydomain.foo”. Embeds should be iframes, that is, different webpages, imgur could do the same though yes it’s overkill. Another option would imgur offering an automated API that would allow cloudflare DNS to tell it “here’s a key, please get ready to serve on imgur-cdn.mydomain.foo”.

            It can all be handled on your domain without you actually running the backing servers. It’s also insanity.

        • Aux@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          1 year ago

          Running a CDN on your domain effectively defeats the purpose of CDN.

          • barsoap@lemm.ee
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            No. Things being on your domain doesn’t mean that traffic hits your servers.

            • Aux@lemmy.world
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              2
              ·
              1 year ago

              It doesn’t, but it defeats the purpose of CDN, because your users still hit your domain instead of CDN one and cannot leverage the benefits of distributed caching. Browser cache is bound to a URL, you change one letter and it is invalidated.

              • barsoap@lemm.ee
                link
                fedilink
                English
                arrow-up
                1
                ·
                edit-2
                1 year ago

                Why would the URL change?

                It won’t share js libraries and fonts and whatnot cross-site but compared to a single image that should be negligible. At least if you don’t pull in gazillions of superfluous dependencies and don’t even run dead code elimination over them. And anyway that’s more bandwith usage between user and CDN, not user and you.

                Also I already said that it’s insanity. But it would work.

                • Aux@lemmy.world
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  2
                  ·
                  1 year ago

                  Because you’re not using a CDN URL everyone else is.

                  Savings are massive for the user. If you don’t care about your users, please stop doing anything development related.

        • ilinamorato@lemmy.world
          link
          fedilink
          English
          arrow-up
          17
          ·
          1 year ago

          CDNs like CloudFlare reduce load on smaller servers through caching and delivery of common assets, which reduces load times (helping to democratize sites as it’s not just big companies that can afford quick websites). CDNs also prevent DDoS attacks and can improve uptime.

          They’re pretty critical pieces of internet architecture. Not that they’re perfect, but banning all third party content from sites is kind of a baby/bathwater situation.

          • lemmyingly@lemm.ee
            link
            fedilink
            English
            arrow-up
            13
            ·
            1 year ago

            CDNs also reduce load on the network. Why pull a resource from a server on the opposite side of the world when a CDN on my ‘door step’ can provide a cached version of it.

        • Aux@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          1 year ago

          The purpose of a CDN is to better cache common resources between different web sites. For example, if you’re using a Roboto font from Google CDN on your web site, just like many other web sites do, the user who previously visited other sites with such font will load your web site much faster and will spend less traffic, because he already has this font from CDN in their cache. It also means that you save money on hosting.

          If you remove CDN from the equation, you punish yourself and your users. That’s a very dumb idea. Especially when CDNs are free to use.

      • Black616Angel@feddit.de
        link
        fedilink
        English
        arrow-up
        13
        ·
        1 year ago

        But that is a lot harder to do and requires more resources.

        If you have a tracking pixel now, the company directly knows your browser from you downloading that pixel. If they were to implement the single-backend stuff, the site would have to gather all that information themselves and then send it to all the trackers. But they can’t just send it somewhere, because then everyone could send bogus info to them so you need verification and an api and that is costly and each company would build their own api so you need to buy a program that speaks all those apis… You get the point. It’s a LOT more work than just pasting the text for some pixel somewhere on your site and let the others do the rest.

        • remotelove@lemmy.ca
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          1 year ago

          Google would never do that. Google is: “Streamlining products to ensure business owners can expand on potential revenue sources by providing single-channel access to advanced site analytics while helping people optimize access to the broad landscape of available data sources.”

          Randomly insert “Advanced Next Generation AI” anywhere in the above for full effect.

      • BarrierWithAshes@kbin.social
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        I’m thinking more along the lines of the aggressive cookies sites like Facebook and Tiktok use. For FB that’s like their whole model.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    This is the best summary I could come up with:


    With the publication of its notice of intent to deprecate and remove third-party cookies, those involved in the development of Google’s Chrome browser and its associated Chromium open source project now have more specific guidance.

    As Google senior software engineer Johann Hofmann observed in his aforementioned notice, the phaseout of third-party cookies and shift to Privacy Sandbox technology – in Chrome at least – is a significant change in the status quo.

    The impact of replacing the technical foundation of internet advertising while marketers are still doing business on the premises hasn’t been lost on regulators, who have been trying to ensure that Google builds a level-playing field – something critical lobbying groups have disputed.

    Thus Google has agreed to make specific commitments to the UK’s Competition and Markets Authority (CMA) to allay concerns that the Privacy Sandbox doesn’t become a killzone for competitors.

    While it seems unlikely that watchdogs want to ensure that every marketer operates from an equal level of informational wealth, competitors have a unique opportunity to hamstring the ad giant by raising the alarm amid its antitrust trials and inquiries around the globe.

    “The web in general is rapidly moving away from third-party cookies, with Firefox and Safari leading the way,” said EFF senior staff technologist Jacob Hoffman-Andrews in an email to The Register.


    The original article contains 1,739 words, the summary contains 218 words. Saved 87%. I’m a bot and I’m open source!

  • vermyndax@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Isn’t it sad that they referred to them as “Google Chrome coders” and not “web developers?”

    Tells me everything I need to know.

      • pastermil@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        8
        ·
        1 year ago

        web developer for a med lab system that integrates quite a bit of stuff to hospital admin portals thru iframe.

        • _wizard@lemmy.world
          link
          fedilink
          English
          arrow-up
          11
          arrow-down
          1
          ·
          1 year ago

          Today’s dev call consisted of how iframes are tanking subresource integrity audit.

            • _wizard@lemmy.world
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              1
              ·
              1 year ago

              A real conversation I had last week about ad blockers, Google vignette ads, and our sites becoming unresponsive. FML

              • pastermil@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                1
                arrow-down
                2
                ·
                1 year ago

                Real shit.

                I spent like a week debugging until I was told “yeah make sure you enable that setting”.

        • lemmyingly@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Are iframes still popular?

          Granted I don’t poke around in a lot of websites these days but it feels like it’s been a while since I’ve seen one in the wild.

        • Aux@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          2
          ·
          1 year ago

          That’s a bad system. Learn some proper security practices.

        • vermyndax@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          It’s terrifying to me that you work for a med lab system that is reliant on third party tracking cookies.