Page MenuHomePhabricator

Don't set cookies in traffic layer for non-user facing domains (avoid false third-party cookie warning)
Open, MediumPublic

Description

In the Javascript console (at Firefox browsers) presents error messages like "Request to access cookie or storage on “<URL>” was blocked because we are blocking all third-party storage access requests and content blocking is enabled."

This concerns:

Browsers cannot know that the Wikimedia, Wikipedia and the sister domains are operated by the same foundation. Maybe the domain usage should be changed for instance to en.wikivoyage.org/intake-analytics/, en.wikivoyage.org/commons/, en.wikivoyage.org/wikidata/ and so on. I think it is not a problem to create domain aliases.

Event Timeline

Those urls don't need to change. We just need to stop accidentally setting cookies on them. I'm 99% sure this is just coming from things like "Geo" and "LastVisit" being set on all traffic.

Several browsers already block these and that's working just fine. They are not intentionally set. At this point it's just noise seen by tech-savvy users looking at developer consoles, which would be good to fix to avoid confusion but otherwise is harmless.

ArielGlenn triaged this task as Medium priority.Sep 28 2020, 9:39 AM
Krinkle renamed this task from Blocking all third-party storage access requests to Don't set cookies in traffic layer for non-user facing domains (avoid false third-party cookie warning).Jan 26 2021, 5:02 PM
Krinkle updated the task description. (Show Details)
Krinkle updated the task description. (Show Details)
Krinkle removed a project: Performance-Team (Radar).
BBlack added a subscriber: BBlack.

The swap of Traffic for Traffic-Icebox in this ticket's set of tags was based on a bulk action for all such tickets that haven't been updated in 6 months or more. This does not imply any human judgement about the validity or importance of the task, and is simply the first step in a larger task cleanup effort. Further manual triage and/or requests for updates will happen this month for all such tickets. For more detail, have a look at the extended explanation on the main page of Traffic-Icebox . Thank you!