Chrome 84 Handles 3rd Party Cookies Differently – How it Affects PublishersChrome 84 is rolling out with restrictive third party cookie handling. This is how to check if it affects your site.Why Are Third Party Cookies a Problem?Chrome 84 Helps to Solve a Security ProblemHow Blocked 3rd Party Cookies Affects PublishersHow to Tell if Cookies are Not Setting in Chrome 84?Check Your Third Party CookiesCitation
Google Chrome 84 is rolling out restrictive third party cookie handling that can cause 3rd party cookies to not set. This can result in loss of income or website functions that break. This is what publishers should look out for.
Why Are Third Party Cookies a Problem?
Not all third party cookies are affected. The only third party cookies affected are those served via the insecure HTTP protocol and cookies that do not have the proper SameSite attribute.
This is the attribute that a third party cookie needs in order to set on a publisher’s site:
That tells the browser that it is okay to set the cookie and that the cookie is sent via the secure HTTPS protocol.
Chrome 84 Helps to Solve a Security Problem
This change will help to keep a publisher site more secure. This will help to block cross-site request forgery exploits.
This is how Google explains it:
“One of the cultural properties of the web is that it’s tended to be open by default. This is part of what has made it possible for so many people to create their own content and apps there.
However, this has also brought a number of security and privacy concerns.
Cross-site request forgery (CSRF) attacks rely on the fact that cookies are attached to any request to a given origin, no matter who initiates the request.
For example, if you visit evil.example then it can trigger requests to your-blog.example, and your browser will happily attach the associated cookies.
If your blog isn’t careful with how it validates those requests then evil.example could trigger actions like deleting posts or adding their own content.”
How Blocked 3rd Party Cookies Affects Publishers
Third party cookies can connect to a browser and find out if the person is logged into another service and if so, allow that login to exist on the publisher site without requiring the site visitor to log back in.
A third party cookie makes it easier for a site visitor to share a web page via email or a social media account.
Third party cookies also power functionalities like live chat apps. The cookies allow the app to remember if the site visitor has interacted with the chat app.
Importantly, a third party cookie allows an advertiser to show the most relevant ad on your site to your site visitors.
If the third party cookie fails to set then that may result in less relevant advertising showing on your site, which can lead to less earnings for the publisher.
How to Tell if Cookies are Not Setting in Chrome 84?
Chrome Dev Tools will alert you to 3rd party cookies that are not setting. But you must have Chrome 84 downloaded.
If the update cookie handling isn’t rolled out to your Chrome 84 version, try downloading Chrome Canary.
Chrome Canary is Google’s beta version of Chrome that has future functionalities of Chrome already installed.
I used Chrome Canary in order to generate the the screenshots for this article. 🙂
All you have to do is open the Chrome developer console by click CTRL Option J on an Apple device or CTRL Shift on a Windows OS.
You can also click on the three dot menu located in the top right of your Chrome browser and select More Tools > Developer Tools.
Screenshot of Chrome Dev Tools warning about missing cookie attribute:
Basically, there’s not much for publishers to do to fix a problem on their own. The problem exists on the service providers site.
But there is a lot for publishers to be aware of.
Failure to check if third party cookies are not setting could result in lost earnings and a poor user experience.
It’s a good idea to check your cookies to see if any are not setting. If they aren’t, you can try updating where you get your code, contacting the ad network or switching to another service.
Web.dev says this about the upcoming change to how third party cookies are handled:
“If you rely on any services that provide third-party content on your site, you should also check with the provider that they are updating their services. You may need to update your dependencies or snippets to ensure that your site picks up the new behavior.”
Screenshot of problematic cookies as shown in Chrome Dev Tools:
Check Your Third Party Cookies
It’s a good idea to check your third party cookies to see if anything is wrong. I would encourage you to download Chrome Canary to check your site with the Chrome Dev Console.
I find that Chrome Canary is a good browser to have for checking the search results when you need a second opinion, too. Every search marketer should consider downloading it just to have around.
Google’s Official Announcement:
New in Chrome 84