What happens if there are no third-party cookies?

A browser open at “viewer.org” showing a web page with a broken image icon
A third party context showing a broken image.
  • The third party client can know whether or not the user can currently see an image on the first party site. This doesn’t mean having any access to content of or credentials for that image; the third party context cannot see those. It uses a simple protocol and the postMessage API to allow the first party context to convey just the fact of whether or not the user can see the image.
  • Once a session is established, and following rules for SameSite cookies, the third party client will send the first party’s cookies.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store