Reputation: 309
By what mechanism is a third-party cookie placed, and how does it have access to, say, what you just searched for?
I understand the concept of third-party cookies, but don't understand by what mechanism they are placed (if you're visiting Domain A in our browser, why is it that not all cookies placed have to come from Domain A?). Furthermore, I don't understand how they have access to, say, search parameters? (I'm referring to the common occurance of, say, searching for "buy a watch" on Website A and then visiting a Website B later and seeing advertisements for watches).
Any help would be appreciated!
Upvotes: 0
Views: 1139
Answers (2)
Reputation: 52280
I understand the concept of third-party cookies, but don't understand by what mechanism they are placed (if you're visiting Domain A in our browser, why is it that not all cookies placed have to come from Domain A?).
A site sets the cookie by sending a cookie header along with the page content. They look like this:
Set-Cookie: NAME=VALUE; expires=DATE; path=/; domain=.stackoverflow.com; secure
As you can see, the cookie header includes a parameter that allows the site to set the domain to anything it wishes, even domains that differ from the web server's actual domain. When they differ, it's called a third party cookie. It's up to the browser to decide whether to accept them.
Furthermore, I don't understand how they have access to, say, search parameters? (I'm referring to the common occurance of, say, searching for "buy a watch" on Website A and then visiting a Website B later and seeing advertisements for watches)
Typically the cookie will set an identifier that represent you as a unique viewer on the web site, then start a database on the back end that tracks where you've been. Different parties share access to this database (via B2B web services on a paid basis). They can use your cookie to get your ID, look you up in the database, and see where you've been and what kind of products you've viewed.
Upvotes: 1
Reputation: 39004
Third-party cookies are placed by 3rd-party content. That is to say an image, iframe or other resource coming from a domain other than the page you're on (like an ad from an ad server).
Third-party cookies cannot access information from the main site directly but no technical means prevents the first and third parties from sharing that data with each other behind the scenes (ie, through corporate deals). Then again, for all you know company A owns company B or vice-versa.
Therefore in the example you provided company A would trade or sell your search queries to company B and they'd use some sort of identification process to match the results (like the time and IP of the request).
Upvotes: 2
Related Questions
- How does cookie-based authentication work?
- How do Third-Party "tracking cookies" work?
- Regarding third-party cookies, who is a "second party"?
- How Do Internet Advertisers Use Third-Party Cookies?
- How can third party cookies know which sits a user have visited?
- How are cookies sent to a website
- How does google set first party cookies for analytics tracking?
- third party cookies trackers
- How does a browser transfers a cookie to server?
- How do cookies work?