Holy third party cookies batman

Anonymous

2 years ago

Yeah, Chrome’s new indicator made me decide to just block all third party cookies within chrome, no extension needed. I mean, just lock everything out, that won’t mess anything up, right? I mean, if you suspect a security problem, just force everyone to reset their password and break SSO, right? That’s what you do, right?

@A11ey, that’s how cookies work. Any website in the domain can set a cookie and it’ll be available to the other sites in the domain. So if I go to logicmonitor.com and it sets a cookie, that cookie would be available at community.logicmonitor.com, and vice versa. It’s not something I set, it’s how cookies work. Those are both 1st party cookies. Check any social embeds that are on the community site. Most of it is tracking stuff so places like LinkedIn will know that I visited your site and will try to serve me content that matches. That’s how Facebook knows that you searched for blenders on Amazon and presents ads for blenders on Amazon in your Facebook feed. It’s a huge privacy violation because most people don’t know that it’s happening.

What it also means is that if i go to myportal.logicmonitor.com and also go to mysandboxportal.logicmonitor.com, each could set a cookie. I could then go to the non-existent login.logicmonitor.com and sign into any of my portals with one click the same way google does when you’re signed into multiple accounts.

Forum Discussion

Related Content

Re: Complex Datapoints - Nested if / elseif possible w/o scripting?

Re: Known Issues - Launch

Enable retrieval of device list by system group in the LM Ansible lm_info module

Re: Dashboard Audit

Re: Introduce Yourself!

Recent Discussions

Minor community feedback

Anyone else have issues logging into these new forums with Firefox?

Assistance Request to Resolve "No Data" Error on Devices Monitored via Batchscript in Collectors

Did the job board go away?

Issue Adding Tags?