{"id":24407,"date":"2019-02-22T16:18:59","date_gmt":"2019-02-22T21:18:59","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=24407"},"modified":"2019-02-22T18:15:03","modified_gmt":"2019-02-22T23:15:03","slug":"intelligent-tracking-prevention-2-1","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2019\/02\/22\/intelligent-tracking-prevention-2-1\/","title":{"rendered":"Intelligent Tracking Prevention 2.1"},"content":{"rendered":"<p><a href=\"https:\/\/webkit.org\/blog\/8613\/intelligent-tracking-prevention-2-1\/\">Apple<\/a> (<a href=\"https:\/\/news.ycombinator.com\/item?id=19219478\">Hacker News<\/a>, <a href=\"https:\/\/www.macrumors.com\/2019\/02\/21\/safari-ios-12-2-intelligent-tracking-prevention\/\">MacRumors<\/a>):<\/p>\n<blockquote cite=\"https:\/\/webkit.org\/blog\/8613\/intelligent-tracking-prevention-2-1\/\">\n<p>As of ITP 2.1, partitioned cookies are no longer supported and third-parties classified with cross-site tracking capabilities now have to use the Storage Access API to get any cookie access.<\/p>\n<p>[&#8230;]<\/p>\n<p>Cookies can either be set in HTTP responses or through the document.cookie API, the latter sometimes referred to as client-side cookies. With ITP 2.1, all persistent client-side cookies, i.e. persistent cookies created through document.cookie, are capped to a seven day expiry.<\/p>\n<p>[&#8230;]<\/p>\n<p>WebKit implemented partitioned caches more than five years ago. A partitioned cache means cache entries for third-party resources are double-keyed to their origin and the first-party eTLD+1. This prohibits cross-site trackers from using the cache to track users. Even so, our research has shown that trackers, in order to keep their practices alive under ITP, have resorted to partitioned cache abuse. Therefore, we have developed the verified partitioned cache.<\/p>\n<\/blockquote>\n\n<p>This all sounds good, but in practice ITP seems to get in the way of sites that I <em>do<\/em> want to remember me. There are some that I visit just once or twice a month (e.g. to pay a bill) that now treat my Mac as a brand new device (requiring extra authentication via security questions or SMS) every single time. As far as I know, there is no way to tell Safari to trust a particular site and always remember its cookies. So it&rsquo;s either put up with a worse user experience or use a different browser.<\/p>\n\n<p>Previously: <a href=\"https:\/\/mjtsai.com\/blog\/2019\/02\/07\/apple-is-removing-do-not-track-from-safari\/\">Apple Is Removing &ldquo;Do Not Track&rdquo; From Safari<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>Apple (Hacker News, MacRumors): As of ITP 2.1, partitioned cookies are no longer supported and third-parties classified with cross-site tracking capabilities now have to use the Storage Access API to get any cookie access. [&#8230;] Cookies can either be set in HTTP responses or through the document.cookie API, the latter sometimes referred to as client-side [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2019-02-22T21:19:02Z","apple_news_api_id":"9b76e5c4-9b92-4e1c-a870-7ccee7ebd617","apple_news_api_modified_at":"2019-02-22T23:15:08Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAA==","apple_news_api_share_url":"https:\/\/apple.news\/Am3blxJuSThyocHzO5-vWFw","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[31,1610,30,1609,355,103,96,328],"class_list":["post-24407","post","type-post","status-publish","format-standard","hentry","category-technology","tag-ios","tag-ios-12","tag-mac","tag-macos-10-14","tag-privacy","tag-safari","tag-web","tag-webkit"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/24407","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=24407"}],"version-history":[{"count":1,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/24407\/revisions"}],"predecessor-version":[{"id":24408,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/24407\/revisions\/24408"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=24407"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=24407"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=24407"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}