A lot of people are discussing how to avoid tracking of persons across websites. Especially when it comes to like buttons and such stuff. But it can be really easy:
Create a "cookie jar" by pinning a cookie not just to the domain it comes from (as it happens already), but also by pinning the cookie to the domain of the website that DDE the cross-request and loaded the other content.
You go to vivaldi.net and get a cookie from vivaldi.net's server then that cookie is pinned to vivaldi.net. Now the website also loads some code from google.com and google.com also sets a cookie. Now you pin that cookie to the combination of vivaldi.net/google.com.
Next time when you go to somedomain.com and it pulls in some code from google.com then the browser finds a cookie from google.com but that cookie is not pinned to the combination somedomain.com/google.com but to vivaldi.net/google.com instead so it is not returned by the browser and google.com sets a new cookie for the combination somedomain.com/google.com.
As we now return cookies based on the combination of the main site where they were set and the domain that set them, all we have to do is to not sent referers when they don't belong to the same domain and the whole tracking is dead.
Yes, it would break the functionality of Facebook or WhatsApp's tracking, but I don't care as I don't use them anyway. And the feature could just be made dynamic so that it can be turned on and off and also keep an editable database of domain/cookie-domain combinations to allow certain cookie-domains to work if necessary.
derDay last edited by
don't you describe the function of third-party-cookies? For me it seems so, and you can already block third-party-cookies
Pesala last edited by
Does blocking third-party cookies not already do what you want?