apple safari third party cookies

Apple updates Safari’s anti-tracking tech with full third-party cookie blocking

Beating google by two years to the privacy feature.

By Nick Statt , is a Senior Producer on Decoder. Previously, he wrote about technology and gaming for Naavik, Protocol, and The Verge.

Share this story

Apple on Tuesday released a major update to its Safari Intelligent Tracking Prevention (ITP), the privacy feature that allows the company’s web browser to block cookies and prevent advertisers from snooping on your web habits. According to Apple’s John Wilander, the WebKit engineer behind the feature, Safari now blocks all third-party cookies . That means that, by default, no advertiser or website is able to follow you around the internet using the commonplace tracking technology.

It’s a significant milestone for web privacy, and it puts Apple’s browser officially two whole years ahead of Chrome, after Google said in January that it would start phasing out third-party cookies but not fully until some time in 2022.

“Cookies for cross-site resources are now blocked by default across the board. This is a significant improvement for privacy since it removes any sense of exceptions or ‘a little bit of cross-site tracking is allowed,’” Wilander notes in the announcement post on the blog for WebKit, which is Apple’s in-house browser engine that powers many of its features under the hood.

Wilander notes that users might not notice a big change because ITP has been doing this more or less already. “It might seem like a bigger change than it is. But we’ve added so many restrictions to ITP since its initial release in 2017 that we are now at a place where most third-party cookies are already blocked in Safari.”

• How to use Safari’s tools to protect your privacy while browsing
• How your browser protects your privacy
• Advertisers are furious with Apple for new tracking restrictions in Safari 11

Apple first launched ITP within Safari nearly three years ago, where it immediately set a new bar for web privacy standards on both desktop and mobile by blocking some, but not all, cookies by default. Alongside the substantial privacy work of Mozilla’s Firefox, which also blocks third-party cookies by default as of last summer , Apple has been pioneering a machine learning approach to web tracking prevention that has made Safari one of the most widely used and secure web tools available.

In addition to blocking third-party cookies across the board and by default, Wilander says ITP now has safeguards against trackers using the very nature of tracking prevention as a way to keep tabs on users . He adds that the new feature set also ensures that websites and trackers can’t use login IDs to digitally fingerprint users who might otherwise be using tracking prevention or other privacy tools.

Wilander thanks Google for helping Apple improve ITP

“Full third-party cookie blocking makes sure there’s no ITP state that can be detected through cookie blocking behavior. We’d like to again thank Google for initiating this analysis through their report,” he writes, referencing Google’s research published earlier this year on ITP that revealed the possibility of using some elements of it as a fingerprint. (Apple had to disable the Do Not Track feature in Safari in 2019 for similar reasons.)

Wilander goes on to detail some other, more technical elements of the ITP update. But in general, he says Safari is again setting a new bar for web privacy that he and Apple hope other companies will follow.

“Safari continues to pave the way for privacy on the web, this time as the first mainstream browser to fully block third-party cookies by default. As far as we know, only the Tor Browser has featured full third-party cookie blocking by default before Safari, but Brave just has a few exceptions left in its blocking so in practice they are in the same good place. We know Chrome wants this behavior too and they announced that they’ll be shipping it by 2022,” he writes. “We will report on our experiences of full third-party cookie blocking to the privacy groups in W3C to help other browsers take the leap.”

Tesla recalls all 3,878 Cybertrucks over faulty accelerator pedal

The invisible seafaring industry that keeps the internet afloat, meta’s battle with chatgpt begins now, us air force confirms first successful ai dogfight, samsung shifts executives to six-day workweeks to ‘inject a sense of crisis’.

More from Policy

The EU’s tough new moderation rules are about to cover a lot more of the internet

Apple unbanned Epic so it can make an iOS games store in the EU

New bill would let defendants inspect algorithms used against them in court

Kids Online Safety Act gains enough supporters to pass the Senate

Apple blocks third-party cookies in Safari

Starting today, with the release of Safari 13.1 and through updates to the Intelligent Tracking Prevention (ITP) privacy feature, Apple now blocks all third-party cookies in Safari by default.

The company's move means that online advertisers and analytics firms cannot use browser cookie files anymore to track users as they visit different sites across the internet.

But Apple says the move isn't actually a big deal, since they were already blocking most third-party cookies used for tracking anyway.

"It might seem like a bigger change than it is," said John Wilander, an Apple software engineer. "But we've added so many restrictions to ITP since its initial release in 2017 that we are now at a place where most third-party cookies are already blocked in Safari."

Second browser to block third-party cookies for all users

Apple's Safari has now become the second browser -- after the Tor Browser -- to block all third-party cookies by default for all its users.

However, while Apple was quicker to block third-party cookies in Safari, Google is actually the one who pushed browser makers towards making this move in the first place, in a May 2019 blog post .

At the time, Google announced plans to block third-party cookies by default in Chrome and in the Chromium open-source project, on which multiple other browsers are built.

Google released Chrome v80 at the start of February with support for third-party cookie blocking (under the name of SameSite cookies ), but the feature won't fully roll out to all Chrome's users until 2022 .

Microsoft's Edge, which runs a version of Google's Chromium open-source browser has also begun gradually blocking third-party cookies as well, but the feature is not enabled by default for all its users either.

Apple's decision today doesn't mean that Safari now blocks all user tracking, but only tracking methods that rely on planting a cookie file in Safari and (re-)checking that cookie time and time again to identify the user as he moves from site to site.

Other user tracking solutions, such as user/browser fingerprinting, will most likely continue to work.

A small step forward for web privacy

Nonetheless, this is a major step in the right direction. With Google, Safari, Microsoft, and all the other Chromium-based browsers on board, now, the vast majority of current web browsers block third-party cookies or are on their way towards full blocks.

"This update takes several important steps to fight cross-site tracking and make it more safe to browse the web," Wilander explained in a Twitter thread today .

"First of all, it paves the way. We will report on our experiences of full third-party cookie blocking to the privacy groups in W3C to help other browsers take the leap.

"Second, full third-party cookie blocking removes statefulness in cookie blocking.

"Third, full third-party cookie blocking fully disables login fingerprinting, a problem on the web described already 12 years ago. Without protection, trackers can figure out which websites you're logged in to and use it as a fingerprint," Wilander added.

"Fourth, full third-party cookie blocking solves cross-site request forgeries. This is one of the web's original security vulnerabilities and discussed in communities like OWASP for well over a decade. Those vulnerabilities are now gone in Safari."

More on the move and what it means to developers and website owners is available in the WebKit team's blog post .

All the Chromium-based browsers

The best vpns for iphone and ipad: expert tested, the best secure browsers to protect your privacy online in 2024, apple warns of mercenary spyware attacks against iphone users. should you be worried.

• Apple Pencil
• Apple Watch
• All Smart TVs

In This Article

Does safari support third-party cookies, how do i allow third-party cookies on safari, how do i stop safari from blocking third-party cookies, related articles, enable third-party cookies on safari [mac – iphone – ipad].

Updated on: February 08, 2024

First of all, what are third-Party cookies?

Third-party cookies are created by websites other than the one you are visiting. As the name suggests (third-party), they are made by external parties focused on advertising, retargeting, and providing tracking services .

Like standard cookies, third-party cookies store information about the user that the domain that collects them can use later.

Unlike first-party cookies, which try to improve the user experience on the web, third-party cookies are focused on enhancing online marketing, primarily through image advertising. They save user information that includes: gender, age, and user behavior (to determine things like what the users favor and what they avoid.)

The cookies present personalized ads that promote online marketing campaigns based on the user information collected. You can decide whether enable third-party cookies on your web browser or block them.

In this article, you will learn how to enable third-party cookies on Safari .

Safari is one of the most prominent web browsers currently in use. It is the default web browser for Apple devices. For security reasons, third-party cookies are blocked on Safari by default.

However, you can enable third-party cookies on Safari by following a few simple steps on any of your Apple devices. Whether you have a MacBook, an iPhone, or an iPad, let’s talk about enabling the cookies.

Here are the steps to enable third-party cookies on Safari. IOS (iPhone and iPad) settings are the same because they share the same operating system.

Allow Third-party Cookies On Mac

Launch the Safari browser by clicking its icon (it looks like a blue compass).

Click “Safari ”, which is next to the Apple icon.

A dropdown menu will appear from which you can select “Preferences” .

Click the “Privacy” tab, which is in the top panel.

Navigate to “Cookies and Website Data” and un-tick the option “Block all cookies” . This will allow 3rd party cookies on Safari.

Allow Third-Party Cookies on iPhone/iPad iOS 11

Go to “Settings” .

Scroll down to “ Safari ” and click on it.

Under “Privacy and Security” turn off “Prevent Cross-Site Tracking ”. Also, turn off “Block All Cookies” (Turning off makes the green bar go white.)

Do you know you can also use Safari to do reverse image search on Mac ?

Allow Third Party Cookies on iPad iOS 10 and others

Scroll down to Safari and click on it.

Under “Privacy and Security”, click on “ Block All Cookies ” .

Select “Always Allow” or “Allow from Websites I Visit” from the dropdown menu. This will allow 3rd party cookies on Safari.

Safari is set to block third-party cookies automatically. However, if you use a MacBook and need the browser to stop blocking third-party cookies, you can follow the steps mentioned above to enable third-party cookies on Safari.

At step five, deselect the option “Block Cookies” under the cookies and website data. However, this option allows cookies from all websites to be displayed, which might disrupt your browsing experience.

To cut down the number of websites that display cookies, you can check the option “Allow from websites I visit.” With this option, Safari won’t be able to block third-party cookies on the websites you visit frequently with this option enabled, allowing you to browse uninterrupted and conveniently.

• Change Privacy preferences in Safari on Mac
• Manage Cookies and Website Data in Safari on Mac
• 9+ Best Web Browsers for Mac
• Best Web Browsers for Apple TV
• Change Default Browser in Windows 11
• Best Database Software For Mac

Kimanthi Sammy

Kimanthi Sammy is a tech enthusiast and writer passionate about web development, design, video games, software, and tech in general. She combines creativity with technical prowess to produce captivating and informative content.

Don’t Miss…

• Legal Notice
• Terms & Conditions
• Privacy Policy

A project by Alvaro Trigo

Apple updates Safari on iOS and Mac to block third-party cookies

Safari is getting better at protecting you on the web.

Safari is blocking third-party cookies. 

Annoyed at how much data companies gather from your web browsing? Apple's giving Safari on iOS and MacOS an update to help. 

Announced Tuesday by Apple WebKit engineer John Wilander in a blog post on the WebKit site, the move fully blocks third-party cookies, bringing the latest version of Safari in-line with other browsers like Tor. (WebKit is the browser engine that powers Safari.)

Google said in a blog post of its own earlier this year that it hopes to add similar functionality to Chrome "within two years." 

Cookies allow for tracking behavior across websites, something that has been under increasing scrutiny in recent years as the internet community began taking stock of how much data was being collected online by these trackers, known as third-party cookies and often used by social networks and advertising companies. With this new update, the newest Safari will no longer allow those cookies to operate.

In tweets accompanying his blog post, Wilander says that Apple will report back its experience to privacy groups such as the Worldwide Web Consortium to "help other browsers take the leap." 

This update takes several important steps to fight cross-site tracking and make it more safe to browse the web. First of all, it paves the way. We will report on our experiences of full third-party cookie blocking to the privacy groups in W3C to help other browsers take the leap. — John Wilander (@johnwilander) March 24, 2020

The move is Apple's latest to fight against data trackers. Last year the company built a new browser technology called Privacy Preserving Ad Click Attribution. It was designed to let advertisers figure out when their ads successfully got you to buy something, but without tracking you across the internet and harvesting personal details to do so. 

The company has taken other steps to try and limit the gathering of people's information, including creating Sign In with Apple , a way for people to sign in to apps and websites without having to necessarily divulge personal information such as their actual email address. 

The new version of Safari is out now in iOS and iPadOS 13.4 and in Safari version 13.1 on MacOS.

CNET's Stephen Shankland contributed to this report. 

Computing Guides

• Best Laptop
• Best Chromebook
• Best Budget Laptop
• Best Cheap Gaming Laptop
• Best 2-in-1 Laptop
• Best Windows Laptop
• Best Macbook
• Best Gaming Laptop
• Best Macbook Deals
• Best Desktop PC
• Best Gaming PC
• Best Monitor Under 200
• Best Desktop Deals
• Best Monitors
• M2 Mac Mini Review
• Best PC Speakers
• Best Printer
• Best External Hard Drive SSD
• Best USB C Hub Docking Station
• Best Keyboard
• Best Webcams
• Best Laptop Backpack
• Best Camera to Buy
• Best Vlogging Camera
• Best Tripod
• Best Waterproof Camera
• Best Action Camera
• Best Camera Bag and Backpack
• Best E-Ink Tablets
• Best iPad Deals
• Best E-Reader
• Best Tablet
• Best Android Tablet
• Best 3D Printer
• Best Budget 3D Printer
• Best 3D Printing Filament
• Best 3D Printer Deals
• Dell Coupon Codes
• Newegg Promo Codes
• HP Coupon Codes
• Microsoft Coupons
• Anker Coupons
• Logitech Promo Codes
• Western Digital Coupons
• Monoprice Promo Codes
• A4C Coupons

Manage cookies and website data

Websites often store cookies and other data on your Mac. This data may include information that you have provided, such as your name, email address, and preferences. This data helps websites identify you when you return so the site can provide services for you and show information that might be of interest to you.

By default, Safari accepts cookies and website data only from websites you visit. This helps prevent certain advertisers from storing data on your Mac. You can change options in Safari preferences so that Safari always accepts or always blocks cookies and other website data.

Open Safari for me

Important: Changing your cookie preferences or removing cookies and website data in Safari may change or remove them in other apps, including Dashboard.

Choose Safari > Preferences, click Privacy, then do any of the following:

Change which cookies and website data are accepted: Select a “Cookies and website data” option:

Always block: Safari doesn’t let any websites, third parties, or advertisers store cookies and other data on your Mac. This may prevent some websites from working properly.

Allow from current website only: Safari accepts cookies and website data only from the website you’re currently visiting. Websites often have embedded content from other sources. Safari does not allow these third parties to store or access cookies or other data.

Allow from websites I visit: Safari accepts cookies and website data only from websites you visit. Safari uses your existing cookies to determine whether you have visited a website before. Selecting this option helps prevent websites that have embedded content in other websites you browse from storing cookies and data on your Mac.

Always allow: Safari lets all websites, third parties, and advertisers store cookies and other data on your Mac.

Remove stored cookies and data: Click Manage Website Data, select one or more websites, then click Remove or Remove All.

Removing the data may reduce tracking, but may also log you out of websites or change website behavior.

See which websites store cookies or data: Click Manage Website Data.

Change how often websites ask to use your location information: Select a “Website use of location services” option:

Prompt for each website once each day: Safari prompts you once each day for each website you visit that requests use of location services.

Prompt for each website one time only: Safari only prompts you once for each website you visit that requests use of location services.

Deny without prompting: All websites are denied access to location services and Safari does not prompt you.

Ask websites not to track you: Some websites keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. You can have Safari ask sites and their third party content providers (including advertisers) not to track you.

With this option turned on, each time Safari fetches content from a website, Safari adds a request not to track you, but it’s up to the website to honor this request.

Switch language:

• Analyst Comment

Apple block on third party cookies will change digital media forever

• Share on Linkedin
• Share on Facebook

For years, Apple has been positioning itself as a stalwart defender of consumer privacy. This stance differentiated the company from Google and other Big Tech companies, but the latest changes Apple made to its browser, Safari, may have undesired consequences. The changes mean that third-party cookies that conduct cross-site tracking no longer work on Safari. Consumers and privacy advocates have welcomed the move, but they have made life more difficult for advertisers and small publishers.

Apple has been tackling privacy issues since 2015, when it first introduced an ad blocker to Safari. In 2017, it released a privacy feature called Intelligent Tracking Prevention (ITP), which was added to Safari and Apple’s mobile operating system, iOS. Two years later, ITP appeared on macOS, Apple’s desktop OS.

Go deeper with GlobalData

Advertising Sector Scorecard - Thematic Intelligence

Social media sector scorecard - thematic intelligence, premium insights.

The gold standard of business intelligence.

Find out more

Related Company Profiles

The new york times co, meta platforms inc, amazon.com inc.

The debate around online privacy has grown in the last five years, and Apple has communicated to its customer base that it was strengthening the privacy features of its products. The company likes to remind its customers that it doesn’t sell their personal information to advertisers, unlike Google, Amazon , or Facebook. In 2019, during the CES consumer electronics trade show in Las Vegas that Tim Cook’s company famously does not attend, Apple paid for a billboard outside one of the venues that said, “What happens on your iPhone, stays on your iPhone”.

Fast-forward to 2020, and Apple took the logical next step on its privacy drive. It stepped up the ITP feature to block, by default, without exceptions, all third-party cookies. This means that advertisers and publishers now have less information about who is visiting their pages, effectively ending targeted ads in Apple’s ecosystem.

In 2021, it followed with an iOS update that asks users to opt in if they want in-app ad tracking.

Apple stance on third party cookies will have wide ranging consequences

Cross-site tracking cookies have a bad reputation, but the entire business model of many digital advertising companies is built on targeting ads to users based on their browser history. Non-targeted ads have lower click-through rates and, therefore, generate less revenue for advertising companies.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

The measure also puts small publishers at a disadvantage. Large global publications, like The New York Times or The Guardian , have the infrastructure in place to continue tracking their readers while they browse the different sections of their websites and apps, with or without third-party cookies, allowing for a certain degree of targeted advertising. Smaller publishers do not always have that infrastructure in place and, instead, relied on the analytics provided by digital advertisers.

By switching off third-party cookies completely, Apple is not only killing off the business model of many ad companies, but also giving an advantage to established publishers.

Businesses will have to adapt

This is not a problem that digital media companies have had to deal with globally yet, as Apple’s share of the smartphone market is not dominant anywhere in the world outside the US and, even there, Safari is not a market leader. Apple’s share of the desktop computer market is small everywhere, including in the US.

Nonetheless, business models will have to be adapted, as it is unlikely that there will be a way back for third-party cookies. Apple’s move puts pressure on Google to move in the same direction, with the company already promising to phase out support for third-party cookies by 2022.

A focus on privacy is undoubtedly welcome. However, when Google ends cross-site tracking on Chrome and Android, the company will continue to have plenty of information about its customers based on their activity across all Google products, not least search, in which Google has global dominance. As for smaller digital media companies, they will need to adapt or leave the market.

More Relevant

Tim Durrant on WhatsApp, governance and record keeping in a digital age

Apple pulls meta's whatsapp and threads from china following government order, hanwha techwin gets grant for media playback apparatus with system to prevent playback delay, eastman kodak gets grant for digital printing system with in-track position corrections, sign up for our daily news round-up.

Give your business an edge with our leading industry insights.

Sign up to the newsletter: In Brief

Your corporate email address, i would also like to subscribe to:.

Thematic Take (monthly)

I consent to Verdict Media Limited collecting my details provided via this form in accordance with Privacy Policy

Thank you for subscribing

View all newsletters from across the GlobalData Media network.

• Do Not Sell My Personal Info

•  ⋅ 

Safari Announces Full 3rd Party Cookie Blocking

Apple announced that Safari is now fully blocking 3rd party cookies. This is a milestone that surpasses Chrome.

Intelligent Tracking Prevention

Apple calls it’s feature Intelligent Tracking Prevention. It blocks third party cookies while also allowing access to cross-site cookies for services and features that a user has opted into like payment preferences, subscriptions and commenting widgets.

This way a user can still take advantage of payment methods like PayPal while blocking third party cookies from advertising sites that the user does not want tracking them from site to site.

The way Safari accomplishes this is by using a technology it introduced in 2017 called Storage Access API. The storage access API allows a user to be logged into a social media site and take advantage of “liking” or commenting features, for example.

No Arbitrary Cookie Access

The Storage Access API will not allow random third parties to circumvent blocking. According to the W3C Privacy Community Group that is involved with developing the standards:

“The Storage Access API is not intended to grant arbitrary third-parties cookie access. It is only intended to grant cookie access to third parties that the user actively uses as first party too, i.e. websites the user recognizes and uses. …the Storage Access API is not in conflict with single sign-on, cross-site subscription services, and federated logins.”

That means if you’re signed in to Facebook or PayPal, the services associated with those first party sites that the user has signed into will be able to perform as normal.

It’s only third party sites that the user has not opted into that will be blocked.

If the user is not signed in to the service, a pop up can be generated asking the user to sign in and accomplish whatever task they may have.

The announcement lists three key benefits:

Disables cross-site request forgery attacks against websites through third-party requests. Removes the ability to use an auxiliary third-party domain to identify users. Such a setup could otherwise persist IDs even when users delete website data for the first party. Simplifies things for developers. Now it’s as easy as possible: If you need cookie access as third-party, use the Storage Access API.

Safari Beats Chrome for Privacy

Chrome browser is not scheduled to have full third party blocking until 2022, two years from now. Google has more at stake than Apple does with regard to third party blocking. Google’s earnings depend on third party cookies in order to facilitate behavioral advertising (aka creepy ads).

Presumably, what people call Google’s creepy ads won’t be able to follow a user from site to site with Safari’s third party cookie blocking which is turned on by default.

Will Safari Block Google Analytics?

Apple didn’t provide guidance specific to Google Analytics. However, because Google Analytics is a third party that users haven’t opted into as a first party, presumably Google Analytics cookies may be blocked. This is something that will need to be tested.

Read the full announcement here:

Full Third-Party Cookie Blocking and More

I have 25 years hands-on experience in SEO and have kept on  top of the evolution of search every step ...

Subscribe To Our Newsletter.

Conquer your day with daily search marketing news.

How To Allow Third-Party Cookies on Mac for Safari, Chrome and Firefox

• It is common for most browsers to disable third-party cookies.
• Remember that cookies often invade your privacy and are typically used to target specific advertising to the user.
• Try to remember to disable these features again once you are finished.

Typically it’s a great idea to avoid third-party cookies, but some may want to know how to allow them on a Mac anyway. While this sounds insane, there are a couple of good reasons for this. For example, I was recently helping my uncle plan a vacation, and enabling cookies gave us more specific advertising on deals we were looking for. Allowing certain things to be on your Mac can sometimes be a good thing, so continue reading to explore the options.

How to Allow Third-Party Cookies with Safari

When it comes to a Mac’s native browser, there are two settings that users should change.

Time needed:  1 minute

How to enable third-party cookies in Safari:

In just a few simple clicks, Safari can accept all third-party cookies.

How to Allow Third-Party Cookies with Google Chrome

Of course, Safari isn’t for everybody, so let’s take a look at how to do the same thing within Google Chrome:

The nice thing about Google Chrome is that it allows that extra option for Incognito mode. This can be great for allowing cookies while browsing normally, yet still keeping things private when they need to be.

How to Allow Third-Party Cookies with Mozilla Firefox

Who can forget this one? Firefox is another staple within the world of alternative web browsers, as it should be. Like the other browsers before it, enabling the proper settings is as easy as a few clicks.

• Select Privacy & Security .
• Scroll a bit and select Custom .

Additionally, it may be of interest to read about why Mozilla decided to block third-party cookies automatically .

What About Other Browsers?

By now, astute readers should begin noticing a theme. If a user needs to enable third-party cookies in other web browsers, it’s simply a matter of exploring the Settings menu within that browser. With luck, enabling third-party cookies will most likely be within a Privacy and/or Security section. It may take some exploring, but as long as users avoid shutting things off randomly, the settings shouldn’t be too hard to find.

You may also want to know how to clear the cache of the three of the most popular Mac browsers .

Leave a Reply Cancel reply

You must be logged in to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed .

• Nick deCourville

• Skip to main content
• Skip to search
• Sign up for free

Saying goodbye to third-party cookies in 2024

The tail end of 2023 welcomes positive news for web privacy, as Chrome announces it is to join Firefox and Safari in deprecating third-party cookies in 2024 — starting with 1% of users from Q1 2024 to facilitate testing and ramping up from there.

This article explains the issues behind third-party cookies, what has been done already to mitigate those issues, Chrome's plans to disable them starting in Q1 2024, and how this all affects web developers and the users of their products.

The problem with cookies

Cookies have been around for a very long time on the web. In a nutshell, the idea is that a site can set a cookie on a user's browser via the Set-Cookie response header once a resource has been requested. This cookie can contain whatever data strings the site owners wish, and is generally used to provide state to websites.

For example, a cookie allows websites to retrieve information such as whether the user previously logged in, what they added to their shopping cart, their theme preferences and other personalization settings, saved game state, etc.

Note: Cookies used to be the primary method of storing client-side site data, although now more useful technologies exist for that purpose such as Web Storage and IndexedDB .

The above use cases can all be achieved with cookies set for documents existing on the same domain as the URL loaded in the browser. These are referred to as first party cookies .

Problems can arise when cookies are set for components that exist on different domains than the embedding document, such as images, or other documents embedded via <iframe> s. These cross-site cookies are commonly referred to as third-party cookies —but the behavior and potential issues are the same whether you own all the involved sites or not.

Third-party components can store information in their cookies from any and all documents they are embedded in. The originating third-party domain can then get access to all those third-party cookies, aggregating information from each one. This may sound harmless at first, and there are many legitimate uses of third-party cookies — for example a company might want to share user login state and profile information across multiple sites that it owns that are on different domains, or record analytics across its different properties to investigate user journeys and build more usable experiences. An ad tech company might want to infer user interests from the sites they visit to serve them more relevant ads.

However, in the worst cases, third-party cookies are used to track users around the web, building up a detailed profile of them that could include not only interests but also deeply personal information such as gender, sexuality, religion, political affiliation, etc. This information can be used to build creepy, invasive online experiences and is also sold to other third parties. In such cases, they are referred to as tracking cookies .

Legislation such as the General Data Privacy Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) have helped by making it a legal requirement for companies to be transparent about the cookies they set and the information they collect, for example by asking customers to opt in to such data collection, allowing them to see what data a company hold on them, and allowing them to delete it if they wish. However, it is still not always crystal clear to customers how their data is being used.

How browsers have responded to this

Browser vendors such as Mozilla and Apple provide general defaults that block third-party cookies, while also including exceptions and heuristics in their source code to work around long-standing third-party cookie issues with popular websites.

For example:

• Mozilla's Anti-tracking policy has led to Firefox blocking third-party cookies from known trackers by default (see Firefox tracking protection and Enhanced tracking protection ). Firefox also gives third-party cookies a separate cookie jar per site, so they can't be used to track users across sites (see Total Cookie Protection ).
• Apple also has a similar Tracking prevention policy ; following this has led to a similar set of third-party cookie protections that are enabled by default; see Intelligent Tracking Prevention (ITP) for details.
• The Brave browser also blocks tracking cookies by default.

It is possible to allow usage of third-party cookies on a case-by-case basis in Firefox via browser settings. In Safari however, control is more limited — you can turn off cross-site tracking prevention, but allowing access to third-party cookies per frame can only be done at the code level, via the Storage Access API .

Google's long(er) game

This brings us on to Google who, from a cursory glance, seem to be slower off the mark than other browsers with regards to third-party cookie protection. At time of writing, third-party cookies are blocked only when in Incognito mode by default, although users can set Chrome to block third-party cookies all the time if they wish.

Note: Microsoft Edge also currently does not block third-party cookies by default.

Google's seemingly-slow response is a result of its vested interest in the business uses of third-party cookies, which includes advertising by a wide range of different organizations, including Google, as well as third-party authentication services and many other uses besides. Chrome also has a large share of the browser market which amplifies concern about the potential of breaking critical journeys for their user base, for example logging into government services or buying groceries.

Rather than quickly going for a blanket disabling option, Google has opted for a more nuanced solution — phasing out third-party cookies more slowly while developing new technologies to ensure that valid use cases have a privacy-focused way forward after third-party cookies are disabled by default, rather than potentially motivating sites to move to more covert forms of tracking or moving content behind sign-ins and paywalls.

These new web platform features are collected under the blanket of the Privacy Sandbox project, and have already undergone much development and testing. Some now enjoy cross-browser support, for example the Storage Access API , paving the way towards better cross-browser consistency in handling cross-site cookies.

These features have now reached the point where Google feels that they are mature enough to support their intended use cases, allowing Google to proceed to the step of starting to disable third-party cookies.

Chrome will disable third-party cookies for 1% of users from Q1 2024 to facilitate testing, gradually ramping up to 100% of users from Q3 2024. Reaching the 100% figure depends on Google addressing any remaining competition concerns from the UK's Competition and Markets Authority (CMA).

How this affects web developers

As a result of this change, web developers may well experience higher volumes of users having broken experiences on their web properties, especially if they directly set third-party cookies, or use third-party services that set third-party cookies.

To work around such issues, you are advised to:

• Audit your third-party cookie usage. Third party cookies have a SameSite=None value set; you should therefore be able to identify them by searching for this setting in your browser DevTools, for example in the Firefox Storage Inspector or the Chrome Application panel .
• You should validate if your SameSite=None cookies are really still needed. It's possible that they could have been marked as such to provide a quick fix in the past.
• Initially at least, you could make your code more resilient so that it provides a less personalized experience when third party cookie data is not available rather than breaking altogether. Follow the principles of graceful degradation .
• You could choose to gather such data via alternative means, such as user surveys or quizzes, or looking at data you already have such as product order histories to infer trends.
• If you've already implemented a solution using the Storage Access API for Firefox or Safari then this is a good time to check your implementation against Chrome's behavior, which was updated to provide full support in version 119.
• Related Website Sets can be considered a progressive enhancement of the Storage Access API: The API can be used in just the same way, but sites in the set will not prompt users for permission to access third party cookies.
• If your third-party cookies are being used on a 1:1 basis with the top-level sites they are generated on, you could use Cookies Having Independent Partitioned State (CHIPS) , or partitioned cookies, to opt your cookies into partitioned storage with a separate cookie jar per top-level site. This only requires adding the partitioned attribute to your existing cross-site cookies. They can then be used in an unrestricted fashion, but they can't be shared with other sites. Note that CHIPS is currently Chromium-only.
• Federated Credential Management (FedCM) API : Enables federated identity services allowing users to sign in to sites and services.
• Private State Tokens : Enables anti-fraud and anti-spam by exchanging limited, non-identifying information across sites.
• Topics API : Enables interest-based advertising and content personalization.
• Protected Audience API : Enables remarketing and custom audiences.
• Attribution Reporting API : Enables measurement of ad impressions and conversions.

Getting rid of third-party cookies from the web has been a long time coming, and the story is not yet finished. However, Chrome's announcement is a big step towards making it happen. You can help — use the resources above to check whether your sites and apps could migrate away from using third-party cookies using the features available today. Spread the word on this to encourage others to do the same. And give browser vendors feedback on what's still missing.

Note: The developer.chrome.com article Preparing for the end of third-party cookies has more information about testing from a Chrome point of view, and how to use privacy sandbox technologies to work around your issues.

Previous Post Baseline's evolution on MDN

Next post build ai-powered applications using openllm and vultr cloud gpu, stay informed with mdn.

Get the MDN newsletter and never miss an update on the latest web development trends, tips, and best practices.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Safari still blocking third party cookies even cookie blocking and cross site checking is OFF

I am using Safari Version 13.0.4 (15608.4.9.1.3) on mac OS Catalina 10.15.2

In my Learning Management System CANVAS, Kaltura video, Piazza are embedded. And I got this message:

"It seems your browser is blocking 3rd party  session cookies  which are required for the Kaltura application. To resolve this issue, please update your settings to allow 3rd party cookies."

I already toggled Block all cookies and Prevent Cross-site tracking on and off. Clear history and cookies. Still doesn't work.

Posted on Jan 19, 2020 7:58 AM

Similar questions

• Safari is blocking all cookies despite browser privacy settings - safari 13.0.4, os mojave I use an online process to minimize or opt out of internet tracking. For some reason the process is failing because of an error stating "Your Browser does not allow third party cookies". Safari preference settings > "website tracking" is unchecked and "block all cookies" is also unchecked. Is there another setting somewhere that would allow Safari to accept third party cookies? 3955 1
• Cookies issue after update Safari to 13.0.1 After update Safari to 13.0.1 it don't save any cookie. I go to any site, make login, and if I close tab and then open it again my login is disappear (I should login again). I switching on/off privacy setting, del all old cookies, restart my mac, but it didn't help me ( I record the video. https://youtu.be/NTsmQ5VHKQ0 1083 6
• Non persistent cookies The PA DOT website is telling me that my new Mac (OS Big Sur 11.4 with Safari 14.1.1) computer is blocking non persistent cookies. However, my cookie blocker is turned off. The instructions I've found on line don't match the drop downs in Safari privacy or security. How do I allow non persistent cookies? 761 1

Loading page content

Page content loaded

Jan 19, 2020 8:55 AM in response to Raymond Tan

Download Safari Technology Preview and install it.

This version of Safari has advanced features’

Safari Technology Preview  Download Safari Technology Preview

Safari Tech Preview > Preferences >  Privacy

UnCheck the boxes beside “Prevent cross-site tracking” and “Block all cookies”.

Safari > Preferences > Websites > Pop-ups

Choose “Allow” in the box next to website’s address.

Sometimes Starting up in Safe Mode may resolve  minor issues like this.

Startup in Safe Mode   https://support.apple.com/lv-lv/HT201262

Jan 19, 2020 10:29 AM in response to Raymond Tan

This seems to be a bug in Safari 13.0.4. Use another browser as a workaround. Other browser options.

Firefox         10.9 or higher

Opera Browser         10.9 or higher

SeaMonkey       10.9 or higher8

Waterfox           10.8 or higher

How to Enable Cookies in Any Mac Browser

Is your browser blocking cookies when you don't want it to?

Key Takeaways

• Enabling cookies in your Mac's browser is important for many websites to function properly and store important information.
• Safari users can enable cookies by going to Safari settings, navigating to the Advanced tab, and unchecking the Block all cookies box.
• Other browsers like Chrome, Firefox, and Microsoft Edge also offer options to enable cookies in their privacy settings, allowing for customization and fine control over cookie preferences.

Websites often store small text files on your Mac. While these files, AKA cookies, could raise privacy concerns, many sites will not function properly without them. So, whether you use Safari, Chrome, or Firefox, here's how to enable cookies in your Mac's browser.

While Safari's tracker prevention tool is often best left on, not allowing any cookies can be problematic. Many websites rely on cookies to store important information relating to preferences and account details, and blocking them can create a negative user experience and make some pages slow or completely nonfunctional.

You can enable cookies in Safari using these steps:

• Launch Safari .
• Head to the Advanced tab in the window.

You can also click the Manage Website Data button in the Privacy section of Safari settings to either remove individual cookies you don't want stored on your Mac or clear out all the cookies on Safari. The tool has a search function, so you can easily locate files related to a particular website and delete them if necessary.

Google Chrome

If you use Chrome instead of Safari as the default browser on your Mac, follow these steps to enable cookies:

• Launch Google Chrome .
• Click Chrome in the menu bar and choose Settings .
• Select Privacy and security in the left sidebar.

If you scroll down to the bottom of the same menu, you'll see the option to allow specific sites to use third-party cookies for greater control. Before you alter any settings, you may want to see our guide on Chrome's cookies policy .

Mozilla Firefox

If you're someone who uses Firefox instead of Chrome, you can enable third-party cookies in a similar way by following these simple steps:

• Launch Firefox and click Firefox in the menu bar.
• Select Settings from the dropdown to open up Firefox's settings.
• Click Privacy & Security in the left sidebar.

Firefox also has a tool for blocking or allowing cookies from certain websites. You'll find these settings when you click the Manage Exceptions button under the Cookies and Site Data section in the same menu.

Microsoft Edge

Thanks to the switch to Chromium, Microsoft Edge has gained popularity in recent years. And if you're someone who uses it, here's what you need to do on your Mac to enable cookies on Microsoft Edge:

• Launch Microsoft Edge .
• Click Microsoft Edge in the menu bar and choose Settings .
• Go to Cookies and Site Permissions in the side menu.
• Select Manage and delete cookies and site data on the right.

Further down the page, you'll find a Block and Allow list where you can add specific sites for finer control.

Allow Third-Party Cookies in Less Common macOS Browsers

As you can see, you'll generally find your cookies settings within your browser's privacy settings. If you still can't locate the appropriate setting in your browser, you may need to check the developer's website for more information.

Cookies Are Necessary for Browsing the Web

Cookies aren't necessarily harmful. While many aim to gather personal information and track you across the internet, others are crucial to helping websites work as intended. In fact, cookies help save your preferences, so you don't have to add them each time you visit.

In most cases, you can allow third-party cookies without any serious security risks. Most browsers offer intuitive options within their privacy settings that let you quickly alter and customize your preferences.

InfoQ Software Architects' Newsletter

A monthly overview of things you need to know as an architect or aspiring architects.

View an example

We protect your privacy.

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

• English edition
• Chinese edition
• Japanese edition
• French edition

Back to login

Login with:

Don't have an infoq account, helpful links.

• About InfoQ
• InfoQ Editors
• Write for InfoQ
• About C4Media

Choose your language

Discover transformative insights to level up your software development decisions. Register now with early bird tickets.

Get practical advice from senior developers to navigate your current dev challenges. Register now with early bird tickets.

Level up your software skills by uncovering the emerging trends you should focus on. Register now.

Your monthly guide to all the topics, technologies and techniques that every professional needs to know about. Subscribe for free.

InfoQ Homepage News Safari Blocks Third-Party Cookies by Default

Safari Blocks Third-Party Cookies by Default

This item in japanese

Apr 13, 2020 3 min read

Bruno Couriol

InfoQ Article Contest

Safari joins privacy-focused web browsers like Tor and Brave in blocking third-party cookies by default in a move aimed at taking a step forward in web privacy. Google, which announced moving in that direction in May 2019 , will not support third-party cookie blocking by default for all Chrome users until 2022 . Third-party cookie blocking by default may disable login fingerprinting, and some cross-site request forgery attacks.

Safari recently announced blocking cookies for cross-site resources by default. The move comes after gradually increasing cookie restrictions which started with the introduction of Safari’s Intelligent Tracking Prevention (ITP) in 2017 (now in version 2.3 ). Safari describes the changes as improving privacy for users:

Cookies for cross-site resources are now blocked by default across the board. This is a significant improvement for privacy since it removes any sense of exceptions or “a little bit of cross-site tracking is allowed.”

Alongside the existing privacy features of Mozilla’s Firefox, which also blocks known third-party cookies by default since last year , Apple has continuously updated ITP and further restricted the conditions of usage of first-party and third-party cookies. ITP reduced over the years the time limit on persistent client-side cookies to 24 hours from over a year . ITP additionally blocked some, but not all, third-party cookies by default on both desktop and mobile platforms. Safari 13.1 will now block all third-party cookies by default for all users.

John Wilander, software engineer at Apple, mentioned in the blog a few advantages related to the default third-party cookies blocking. Third-party cookies blocking by default would disable login fingerprinting, a problem already described 12 years ago . Without protection, trackers can identify which websites a browsing user is logged into and use the information as a fingerprint. The cookies blocking would also disable cross-site request forgeries , another one of the web’s original security vulnerabilities.

To keep supporting cross-site integration, Apple promotes the Storage Access API and the use of OAuth 2.0 Authorization . Wilander explained:

Here’s how you can make things work for your users: Option 1 : OAuth 2.0 Authorization with which the authenticating domain (in your case, the third-party that expects cookies) forwards an authorization token to your website which you consume and use to establish a first-party login session with a server-set Secure and HttpOnly cookie . Option 2 : The Storage Access API with which the third-party can request permission to get access to its first-party cookies.

The full blog note contains additional details on some other technical elements of the ITP update and third-party cookies blocking.

Google shipped Chrome 80 with some support for third-party cookie blocking (under the name of SameSite cookies ). However, full support is not expected for all Chrome users until 2022 . The New York Times in a recent article hinted at possible reasons behind the timeline:

[T]he American Association of Advertising Agencies and the Association of National Advertisers quickly complained in an open letter that removing cookies could “choke off the economic oxygen from advertising that start-ups and emerging companies need to survive.”

The introduction of ITP in 2017 also led to angry reactions from some advertising and marketing organizations. Concerns exist still now over the impact of restricting cookies on commonly-used tools like Google Analytics.

Firefox announced blocking a list of known third-party cookies by default for all users in Firefox 69 in September 2019 with its Enhanced Tracking Protection feature. Microsoft’s Chromium-based Edge has also begun gradually blocking third-party cookies but the feature is not enabled by default for all its users. Four other privacy-focused browsers ( Tor , Brave , Epic , and Min ) are also blocking third-party cookies by default.

First-party cookies, created by the domain a user is visiting, help provide a better user experience: keep the session open, store relevant information – status of shopping carts, usernames and passwords, and more. Third-party cookies are cookies created by domains other than the domain a user is visiting. A few common third-party cookies include retargeting cookies, social media buttons, and chat popups.

While first-party cookies are set by the publisher’s web server or loaded JavaScript on the site and are only accessible via the site domain, third-party cookies are set by a third-party server by specific code, and are accessible on any website loading the third-party server’s code. Users can block or delete first-party cookies through their browser settings. Browsers are increasingly restricting or outright blocking on default the creation of third-party cookies.

Rate this Article

This content is in the web development topic, related topics:.

• Development
• Web Browser
• Web Development
• Advertising

Related Editorial

Related sponsored content, popular across infoq, effective performance engineering at twitter-scale, architecting for high availability in the cloud with cellular architecture, architectures you’ve always wondered about 2024 emag, java news roundup: jobrunr 7.0, introducing the commonhaus foundation, payara platform, devnexus, qcon london: how duolingo sent 4 million push notifications in 6 seconds during the super bowl break, using cognitive science to improve developer experience, related content, the infoq newsletter.

A round-up of last week’s content on InfoQ sent out every Tuesday. Join a community of over 250,000 senior developers. View an example

Photo by pine watt on Unsplash

Third-Party Cookie Restrictions for Iframes in Safari

Table of contents

What do you need to know before, introduction, storage access apis, we are hiring.

What is an iframe ?

What are cookies?

What is a third-party cookie?

Have you ever wondered why some websites ask for storage permissions or why some features don't work in certain browsers? Let's dive into the intricacies of third-party cookie restrictions in Safari and how we tackled them!

Safari , Apple's flagship browser, has always been a pioneer in the quest for user privacy and security . In recent years, it has made significant strides in protecting its users from the prying eyes of online trackers by restricting third-party cookies .

In the following discussion, we will delve into a specific challenge encountered within this privacy-focused paradigm. This blog aims to unravel the complexities of seeking storage permission in Safari, particularly when our content is loaded within an iframe and relies on third-party cookies.

The predicament arose as we endeavored to integrate our React-based web app into an iframe hosted on a different domain. This intersection of domains posed a unique challenge, prompting us to explore innovative solutions to seamlessly navigate the intricacies of Safari's third-party cookie restrictions.

Our application uses cookies for authentication. In one of the use cases, it was being rendered inside an iframe. The parent HTML document that was rendering the iframe was being hosted on an entirely different domain.

In other browsers, our application within the iframe was able to access the cookies but not in Safari. Safari uses Intelligent Tracking Prevention(ITP ) to control the access of third-party cookies.

ITP aims to prevent third-party cookies, making them inaccessible in iframes unless certain conditions are met. These conditions can be found in the Webkit's official announcement .

"Third-party cookie access can only be granted through the Storage Access API."

Let's look at parts of this API that concern our problem:

document.hasStorageAccess API Doc

This API is used to check cookie storage access. This will return false for third-party cookies in the case of the Safari browser.

document.requestStorageAccess API Doc

This API is used to ask for third-party storage(cookie) access explicitly from the user.

Both of the above APIs are available in Safari as well as in other browsers .

Webkit's official documentation explains the steps to use these APIs & the rest of the user flow(which is the basis for the following solution). We recommend giving it a read before moving ahead with this post.

The solution described below is not the only one but will help you in designing solutions for your use cases. You can also design a solution as per your needs by following the guide mentioned here .

We are using react so the above-mentioned solution is written in the concepts of react.

We have created separate utility functions in the helper file.

The above code is to make the browser API abstract from the actual implementation. These functions are what we are going to call.

Then after, we created a new file named useStoragePermissions.tsx and added the below-mentioned code.

Using the above hook we have exposed below three states:

needPermission : This will be true when the browser is Safari and it has support for hasStorageAccess and requestStroageAccess

Hint: Use this boolean while consuming this hook to decide when to call askForPermission and haveCheckedPermission .

askForPermission : This is the function that the consumer could call to request the user to give storage access permission

haveCheckedPermission : This is a boolean which will be true after calling askForPermission in the case of needPermission is true initially.

To consume the above hook, we have followed the below-mentioned steps:

We have mounted and created a hook in #2 at the initialization part of the app. Use the needPermission state from it and proceed ahead as normal when needPermission is false .

We created some other routes user-access-flow that show a button with some text like Set Cookie . And onClick of it, we set the cookie.

This is where we are actually calling authentication-related APIs and then the server is setting up cookies.

Once this cookie is set, close this tab using window.close()

Now when, needPermission is true

We show the user some text like, " Click here and click on the Set-Cookie button on the newly opened tab " and on click of it, redirect the user to the route created in above step 2.

Now, when a user comes back from that route, call askForPermission on click of some button. Which should ask the user to give storage permission.

Once the user clicks on Allow the button, your website is authorized to store and access third-party cookies and now you can continue with business logic.

We have also kept this thing in mind that this consent will be revoked if the user cleans up the browser history and does not visit that domain for 7 days. These constraints are already mentioned here

If you have faced such issues while developing or browsing such issues, please share those in the comments. We will be more than happy to read and comment more on those.

If solving challenging problems at scale in a fully remote team interests you, head to our careers page and apply for the position of your liking!

• PRO Courses Guides New Tech Help Pro Expert Videos About wikiHow Pro Upgrade Sign In
• EDIT Edit this Article
• EXPLORE Tech Help Pro About Us Random Article Quizzes Request a New Article Community Dashboard This Or That Game Popular Categories Arts and Entertainment Artwork Books Movies Computers and Electronics Computers Phone Skills Technology Hacks Health Men's Health Mental Health Women's Health Relationships Dating Love Relationship Issues Hobbies and Crafts Crafts Drawing Games Education & Communication Communication Skills Personal Development Studying Personal Care and Style Fashion Hair Care Personal Hygiene Youth Personal Care School Stuff Dating All Categories Arts and Entertainment Finance and Business Home and Garden Relationship Quizzes Cars & Other Vehicles Food and Entertaining Personal Care and Style Sports and Fitness Computers and Electronics Health Pets and Animals Travel Education & Communication Hobbies and Crafts Philosophy and Religion Work World Family Life Holidays and Traditions Relationships Youth
• Browse Articles
• Learn Something New
• Quizzes Hot
• This Or That Game New
• Train Your Brain
• Explore More
• Support wikiHow
• About wikiHow
• Log in / Sign up
• Computers and Electronics
• Operating Systems

How to Allow 3rd Party Cookies on a Mac

Last Updated: December 5, 2023 Fact Checked

This article was co-authored by wikiHow staff writer, Darlene Antonelli, MA . Darlene Antonelli is a Technology Writer and Editor for wikiHow. Darlene has experience teaching college courses, writing technology-related articles, and working hands-on in the technology field. She earned an MA in Writing from Rowan University in 2012 and wrote her thesis on online communities and the personalities curated in such communities. This article has been fact-checked, ensuring the accuracy of any cited facts and confirming the authority of its sources. This article has been viewed 54,101 times. Learn more...

When you visit a website, there’s a good chance that it’s saving your browsing patterns on your device. This information, known most commonly as “cookies,” allows websites to personalize their data to fit your specific needs. While cookies have gotten a bad rap in the media, they can actually help you find exactly what you’re looking for when you have them enabled. This wikiHow will teach you how to allow 3rd party cookies on Mac using Safari, Chrome, or Firefox.

Allowing 3rd Party Cookies on Safari

• You can also check a less liberal option, such as "Allow from websites I visit", to cut down on the number of third-party cookies on your computer.
• These cookies will make your browsing experience easier. They allow the 3rd-party elements (like ads and images) to remember your site preferences and give you locally relevant information.

Allowing 3rd Party Cookies on Chrome

• Cookies are enabled by default in Chrome. You won't have to turn them on unless you disabled them in the past.

• To allow all cookies, including those meant to track your browsing on other websites, select Allow all cookies .
• To allow all cookies except tracking cookies from third parties, select Block third-party cookies . This option may break some features on websites, but it will protect your privacy from trackers.
• To only block third-party cookies in Incognito mode , select Block third-party cookies in Incognito . This allows all cookies except when you open a new Incognito window.

Allowing 3rd Party Cookies on Firefox

• Cookies are enabled by default in Firefox. You won't have to turn them on unless you disabled them in the past.

• Standard: This option allows all cookies except for those that track you on other websites, although it will let some cross-site trackers through if they are for login or other non-predatory reasons. This option is best for most users.
• Strict: This option is similar to Standard, except it blocks all third-party cookies. This could make it difficult to log in to some websites and use certain website features.
• Custom: This option lets you choose exactly which types of cookies you want to allow and block. This option is great for power users who are familiar with different types of tracking cookies.
• Cookies will make your browsing experience easier. They allow the 3rd-party elements (like ads and images) to remember your site preferences and give you locally relevant information.

Expert Q&A

You Might Also Like

• ↑ https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac
• ↑ https://support.apple.com/en-us/102564
• ↑ https://support.apple.com/en-us/guide/safari/ibrw850f6c51/mac
• ↑ https://support.google.com/accounts/answer/61416?hl=en&co=GENIE.Platform%3DDesktop
• ↑ https://support.google.com/chrome/answer/95647
• ↑ https://support.mozilla.org/en-US/kb/websites-say-cookies-are-blocked-unblock-them#firefox:mac:fx120

About This Article

1. Open Safari. 2. Click Safari . 3. Click Preferences . 4. Click the Privacy tab. 5. Deselect the “Block All Cookies” option. Did this summary help you? Yes No

• Send fan mail to authors

Is this article up to date?

Featured Articles

Trending Articles

Watch Articles

• Terms of Use
• Privacy Policy
• Do Not Sell or Share My Info
• Not Selling Info

wikiHow Tech Help Pro:

Level up your tech skills and stay ahead of the curve

Safari User Guide

• Change your home page
• Import bookmarks, history and passwords
• Make Safari your default web browser
• Go to websites
• Find what you’re looking for
• Bookmark web pages that you want to revisit
• See your favourite websites
• Use tabs for web pages
• Pin frequently visited websites
• Play web videos
• Mute audio in tabs
• Pay with Apple Pay
• Autofill credit card info
• Autofill contact info
• Keep a Reading List
• Hide ads when reading articles
• Translate a web page
• Download items from the web
• Share or post web pages
• Add passes to Wallet
• Save part or all of a web page
• Print or create a PDF of a web page
• Customise a start page
• Customise the Safari window
• Customise settings per website
• Zoom in on web pages
• Get extensions
• Manage cookies and website data
• Block pop-ups
• Clear your browsing history
• Browse privately
• Autofill username and password info
• Prevent cross-site tracking
• View a Privacy Report
• Change Safari preferences
• Keyboard and other shortcuts
• Troubleshooting

Manage cookies and website data in Safari on Mac

You can change options in Safari preferences so that Safari always accepts or always blocks cookies and website data .

Open Safari for me

Prevent trackers from using cookies and website data to track you: Select “Prevent cross-site tracking”.

Cookies and website data are deleted unless you visit and interact with the trackers’ websites.

Always block cookies: Select “Block all cookies”.

Websites, third parties and advertisers can’t store cookies and other data on your Mac. This may prevent some websites from working properly.

Always allow cookies: Deselect “Block all cookies”.

Websites, third parties and advertisers can store cookies and other data on your Mac.

Remove stored cookies and data: Click Manage Website Data, select one or more websites, then click Remove or Remove All.

Removing the data may reduce tracking, but may also log you out of websites or change website behaviour.

See which websites store cookies or data: Click Manage Website Data.

Note: Changing your cookie preferences or removing cookies and website data in Safari may change or remove them in other apps.

• Mobile Site
• Staff Directory
• Advertise with Ars

Filter by topic

• Biz & IT
• Gaming & Culture

Front page layout

Given the choice —

Report: people are bailing on safari after dma makes changing defaults easier, indie browsers report significant spikes in users in the past month..

Ashley Belanger - Apr 10, 2024 5:15 pm UTC

Smaller web browsers are gaining traction in the European Union after the Digital Markets Act (DMA) started requiring designated gatekeepers like Google and Apple to make it easier to switch default web browsers on devices.

Previously, tech giants were able to lock users into setting their own browsers as defaults—or at least make it complicated to update the defaults—offering the majority of users their own browsing services for free while collecting data used for ad-targeting. This, the EU feared, kept users from switching to defaults that offered superior or more private web browsing experiences.

Reuters collected data from six companies, confirming that, when presented with a choice screen, many EU users will swap out default browsers like Chrome or Safari for more privacy-focused options. And because iPhones have a larger market share than Google-branded phones in the EU, Apple is emerging as the biggest loser, Reuters reported, noting that under the DMA, "the growth for smaller browsers is currently coming at the cost of Safari."

Some indie browsers are benefiting more than others from users shifting away from Safari. In the month since the DMA took effect on March 7 , the Cyprus-based Aloha Browser told Reuters that its total users in the EU spiked by 250 percent in March. In Belgium, Aloha users increased threefold, Aloha said in a press release .

Aloha attracts about 10 million monthly average users globally by promising "total privacy." The company profits from paid subscriptions to premium features like "advanced VPN and privacy-oriented AI," instead of from tracking users for invasive ad-targeting, the press release said.

Aloha does not and has "never collected, stored or monetized any user data of any kind, making Aloha the only major browser that does not receive any money for user data," Aloha CEO Andrew Frost Moroz said in the press release, adding that "we were not surprised to see this increase."

"By enacting these regulations, the EU has done two things: They've cut down on some of big tech's monopolistic practices, and they've made consumers more aware of their choices in the tools they can use online," Frost Moroz said. "And many of those consumers are clearly saying they want to take back control of their digital privacy and personal data."

At least five other browsers have also benefited, Reuters reported, confirming that Norway's Vivaldi and Opera, Germany's Ecosia, and US-based Brave and DuckDuckGo all reported increased users after the DMA took effect. Jan Standal, Opera's vice president, did not share specific numbers but said that Opera is experiencing "record user numbers in the EU right now."

While these numbers are encouraging for smaller browsers hoping to gain a larger market share in the EU, some browser companies have criticized Apple and Google for "slowing the migration of mobile users to new browser choices" by rolling out "slow and clunky" updates, Reuters reported.

Vivaldi CEO Jon Stephenson von Tetzchner directly criticized Apple's process for swapping default browsers as "just so convoluted that it's easiest for (users) to select Safari or potentially some other known name." The CEO told Reuters that Apple only displayed the required choice screen—currently "curated for each of the 27 countries in the EU" and "showing up to 11 browsers in addition to Safari"—when users clicked on Safari and said Apple failed to provide useful information about alternative choices.

reader comments

Channel ars technica.

Hands-On Mac 129: How To Use Safari Extensions All TWiT.tv Shows (Audio)

Safari, like any modern web browser, offers support for third-party extensions. In this episode of Hands on Mac, Mikah Sargent walks you through the process of discovering, managing, installing, and using extensions in the Safari browser on macOS Sonoma. Use Safari extensions on your Mac - https://support.apple.com/en-us/102343 Host: Mikah Sargent Want access to the video version and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

• Episode Website
• More Episodes
• This work is licensed under a Creative Commons License - Attribution-NonCommercial-NoDerivatives 4.0 International - http://creativecommons.org/licenses/by-nc-nd/4.0/

More by TWiT TV

Exclusive: EU's new tech laws are working; small browsers gain market share

• Medium Text

• Company Alphabet Inc Follow
• Company Apple Inc Follow
• Company Microsoft Corp Follow

CHOSEN ONES

The Technology Roundup newsletter brings the latest news and trends straight to your inbox. Sign up here.

Reporting by Supantha Mukherjee in Stockholm and Yun Chee in Brussels; Editing by Kenneth Li and Daniel Wallis

Our Standards: The Thomson Reuters Trust Principles. New Tab , opens new tab

Thomson Reuters

Supantha leads the European Technology and Telecoms coverage, with a special focus on emerging technologies such as AI and 5G. He has been a journalist for about 18 years. He joined Reuters in 2006 and has covered a variety of beats ranging from financial sector to technology. He is based in Stockholm, Sweden. 

An agenda-setting and market-moving journalist, Foo Yun Chee is a 20-year veteran at Reuters. Her stories on high profile mergers have pushed up the European telecoms index, lifted companies' shares and helped investors decide on their move. Her knowledge and experience of European antitrust laws and developments helped her broke stories on Microsoft, Google, Amazon, numerous market-moving mergers and antitrust investigations. She has previously reported on Greek politics and companies, when Greece's entry into the eurozone meant it punched above its weight on the international stage, as well as Dutch corporate giants and the quirks of Dutch society and culture that never fail to charm readers.

A union coalition for Tenet Healthcare's workers reached a tentative labor deal with the hospital system that included across-the-board raises of 14% over three years for full and part-time workers, the union said on Friday.

Switzerland's recently published report on how to better police the country's banks was well received at the International Monetary Fund's meeting in Washington, the country's finance minister said on Friday.

Teamsters local unions in three states filed unfair labor practice charges against PepsiCo with the U.S. National Labor Relations Board, the union said on Friday.

Technology Chevron

Bitcoin 'halving' has taken place, CoinGecko says

Bitcoin, the world's largest cryptocurrency, on Friday completed its "halving," a phenomenon that happens roughly every four years, according to according to CoinGecko, a cryptocurrency data and analysis company.

Skydance Media, which is in exclusive merger talks with Paramount Global , expects to more than double its revenue and triple its adjusted earnings in the coming years, the Wall Street Journal reported on Friday.

Google Chrome vs. Apple Safari: Which browser is better on Mac

• Cross-platform availability can make the switch from Chrome to Safari seamless, with data and preferences intact across devices.
• Safari's user interface impresses with a clean layout, while Google Chrome offers more customization options in its Material You makeover.
• Safari's memory usage advantage over Chrome on Mac with 8GB of RAM is a key factor to consider if performance is a concern.

As the default web browser on Mac, Safari has received a steady stream of updates over the last few years. Apple releases new builds for all its apps and services with yearly OS updates. While we applaud Safari improvements on Mac, the burning question remains the same: is it good enough to prevent users from switching to Chrome? How does it compare to everyone’s favorite web browser out there? Read our comparison post before you change the default browser on your Mac , iPhone, or iPad.

Google Chrome vs Microsoft Edge: Which browser is better?

Cross-platform availability.

Before we pit Safari against Chrome, let’s check their cross-platform availability first. After all, you won’t want to leave your web bookmarks, history, quick links, and other preferences behind when you switch to another platform.

As expected, alternating is a breeze with Chrome, since the browser is available on most smart platforms you can think of. Whether you use Mac, Windows, iPhone, Android, or ChromeOS, you are ready to surf the web with all of your personal data and a familiar interface. In contrast, Apple’s walled garden approach has limited Safari’s availability to the company’s devices only.

User interface and theme

Being the first-party app on macOS, Apple has nailed the esthetics of Safari. Let’s start with the homepage. It carries all the essential elements you need when you fire up the browser. You can check your favorites, recently closed tabs, reading list, privacy report, Siri suggestions, and even apply minimal wallpaper to the background. If it’s too busy for you, customize the entire homepage from the bottom menu. Overall, it’s not as busy as Microsoft Edge and doesn’t look as bland as Chrome’s homepage. Safari also offers a cool translucent effect at the top when you scroll through webpages. Unlike Chrome, there is no theme store to change the look and feel with a single click.

Google Chrome recently received a neat Material You makeover on the web. While Material You on Chrome matches the rest of Google services, it does look slightly out of place with other Mac apps.

Tab management

Do you often have dozens of tabs open during long research sessions? Managing and switching between them can be cumbersome after a while. Here’s where Chrome and Safari’s tab groups come into play, where you can organize relevant tabs under different groups. Safari does have a couple of additional tricks up its sleeve though.

When you create several tab groups on Safari, you can check the entire list from the vertical sidebar. Safari also lets you create different profiles to keep your browsing data separate, such as tabs, history, cookies and website data.

You can assign a different symbol, color, and separate extension list for Work, School, or Personal profiles. There is also an option to share a tab group with your iMessage contacts.

Chrome vs. Safari: Features

Let’s compare Safari and Chrome based on extension support, reading mode, and other novelty features.

Reading mode

Apple offers a seamless reading mode on Safari that you can customize with different backgrounds, fonts, and sizes. In comparison, Chrome’s reader mode leaves a lot to be desired. It opens the article in a sidebar and doesn’t necessarily hide all the distracting elements. Safari wins hands down here.

While Safari covers the essential extensions from top VPNs, password managers, and other third-party developers like Grammarly, Pocket, Raindrop, and Notion, the overall collection is still slim compared to Google Chrome.

If your workflow depends on dozens of extensions, think twice before switching from Chrome to Safari.

Seamless sharing

Shared with You is a niche Safari feature that is tightly backed in iMessage. Links shared with you in the Messages app automatically appear in the Share with You section in Safari. It is only useful for those who frequently exchange weblinks in iMessage conversations.

Instant conversion and translation

Both Safari and Chrome support instant currency conversion and basic math equations. For example, you can quickly get a final number when you type $1000 to INR or 45*3 in the address bar. Chrome goes a step further with Google Translate integration - you can simply type Hello in French and get results instantly.

Chrome vs. Safari: Password management

Both browsers offer basic password management to save your login credentials. Safari uses iCloud Passwords that can sync with all your devices. It supports autofill, Passkeys, verification codes, notes, and more.

Google Password Manager also supports notes and checkup. Like security recommendations on Safari, Chrome Password Manager’s checkup tool shows your leaked, reused, and weak passwords.

Privacy and security

The built-in standard protection on Chrome warns you of harmful files, extensions, and corrupt sites. Safari is a step ahead with iCloud Private Relay. It’s a privacy add-on for Apple One and iCloud+ subscribers to hide your IP address from websites you visit. The option is enabled by default and works silently in the background. When you visit a website in Safari, no one, including Apple, can see who you are or which sites you are visiting. It’s not as extreme as a VPN connection and doesn’t break your browsing setup. You can check out our dedicated guide if you'd like to learn more about iCloud Private Relay .

Safari also offers a privacy report that shows the number of trackers it has blocked from profiling you in the last 30 days.

Performance

When it comes to performance, you won’t find any major differences between Chrome and Safari on a high-speed internet connection. However, if your Mac has a slow network connection, you may notice that Safari can load webpages faster than Chrome, something that Avast confirmed in their dedicated speed comparison for major browsers.

While we are on the topic of performance, we should also factor in compatibility. Since Google Chrome (built on Chromium) is the most popular web browser out there, developers test and optimize their offerings for it. You may run into performance issues with specific websites (like Photopea, a web-based Photoshop alternative) on Safari.

Memory usage

Safari is a relatively lightweight web browser compared to Chrome. This is expected, since Chrome has been infamous for high RAM usage. We opened a couple of identical tabs on Chrome and Safari and checked their memory usage from the Activity Monitor. We will let the screenshot below do the talking.

Mac users with 8GB of RAM will surely appreciate Safari’s approach to memory usage.

Chrome vs. Safari: Mobile experience

Both Apple and Google have done a solid job with their iOS apps. They use a bottom bar with all the essential options. You can also use Chrome password manager as the default method to autofill login info. Chrome’s default Discover menu with news articles may irritate some users. Interestingly, Google has done a better job than Apple when it comes to widgets, as Chrome offers more widget options than Safari. Most notably, Chrome offers lock screen widgets which are missing from Safari.

Browse the web in style

Are you still unsure about the pros and cons of Chrome and Safari? Allow us to simplify the situation. Safari shines with better UI, low memory usage, and integration with other Apple apps. Chrome strikes back with cross-platform availability, rich extension support, and Google Translate integration. If you notice performance glitches while browsing the web, check CPU usage on Mac .

Special Features

Vendor voice.

Cyber-crime

Fraudsters abused Apple Stores' third-party pickup policy to phish for profits

Scam prevalent across korea and japan actually had some winners.

Black Hat Asia Speaking at the Black Hat Asia conference on Thursday, a Korean researcher revealed how the discovery of a phishing operation led to the exposure of a criminal operation that used stolen credit cards and second-hand stores to make money by abusing Apple Stores’ practice of letting third parties pick up purchases.

The Financial Security Institute of South Korea's Gyuyeon Kim explained that in September 2022 she and another researcher stumbled upon a site that victims of phishing would see when they fell for a fake link.

That site offered a facility to pay for goods – giving the phisherfolk a means of stealing credit card details.

Kim and her collaborator found 50 online stores using the fake payment page, along with 8,000 stolen credit cards and over five million stolen pieces of personal information. But simply stealing credit cards was only one piece of the plan.

"The ultimate objective of this operation was financial gain," explained Kim – the crims cashed in by selling new Apple products at discounted prices at online second-hand stores.

When buyers visiting those second-hand stores agreed to buy the Apple kit, the crims would buy it from an Apple Store using the stolen credit cards.

Here's the important part: Apple Stores allow pickup of online purchases by a designated third party – someone who did not pay for a product, but is authorized by the buyer to take it home after presenting proof of purchase and ID.

The scammers therefore bought iThings with stolen credit cards and named those who shopped on the second-hand stores as the designated third party.

For example, a $1,000 iPhone might be sold for $800 on a second-hand store. The scammers would pay for the device with a stolen credit card number obtained through their phishing trip and pocket the $800 the buyer paid on the second-hand store.

The researchers dubbed the scheme "Poisoned Apple" and said it targeted residents of Korea and Japan between 2021 and 2023. They also revealed that the criminals who ran the campaign had been scheming since 2009 and are still at large.

The researchers believe the baddies are based in China – based on hints such as registering a domains through a Chinese ISP. They also found writing on the dark web in simplified Chinese that was attributed to an email address which was left behind – presumably by mistake – in source code.

The operation was revealed when the researchers discovered a web server that stored scripts the crims used to collect stolen information. While the perps used Cloudflare's content delivery networks to hide their activities under multiple layers of IP addresses, configuration errors exposed their real IP address.

World is finally buying more phones and prices are rising

• The way Apple, Alphabet implemented DMA rules 'seems to be at odds' with law
• The iPhone 15 has a Goldilocks issue: Too big or too small. Maybe a case will make it just right
• Thieves smash hole in wall to nab $500K in Apple iKit

Kim pointed out one notable aspect of the scam was that it circumvented South Korean online payment systems, which she believes are more secure than those elsewhere.

"In other countries, online transactions only require credit card details like card number, expiration date and CVC. Korea requires additional authentication procedures. Authentication here involves various information such as card PIN, additional passwords, mobile and even ID number," explained Kim.

"This will tell you they [the attackers] must have a deep understanding of Korea's online payments," she added.

The Register has contacted Apple to understand if it is taking any action to prevent abuse of the third-party pickup designation policy, and will report back if there is substantial response. ®

• South Korea

Narrower topics

Broader topics.

• Steve Wozniak

Send us news

Other stories you might like

Apple to allow some iphones to be repaired with used parts, academics probe apple's privacy settings and get lost and confused, apple's failure to duck uk antitrust probe could bring £785m windfall for devs, protecting distributed branch office environments from ransomware.

Official: EU users can swerve App Store and download iOS apps from the web

Prolific phishing-made-easy emporium labhost knocked offline in cyber-cop op, japan turns up heat on apple, google with threat of hefty fines, apple stops warning of 'state-sponsored' attacks, now alerts about 'mercenary spyware', risc-v ai chip upstart rivos plans to undercut nvidia, helped by a quarter-billion in vc lucre, apple cuts hundreds of jobs after ditching the car project and more, whatsapp, threads, more banished from apple app store in china.

• Advertise with us

Our Websites

• The Next Platform
• Blocks and Files

Your Privacy

• Cookies Policy
• Privacy Policy
• Ts & Cs

Copyright. All rights reserved © 1998–2024