Hacker News new | past | comments | ask | show | jobs | submit login

I really like the changes they are making here.

One that stands out that I think will cause plenty of issues is the "Block Cookies not from Current Website". This should basically block all tracking, like, +1 etc... buttons, right?

I think it will even impact the SSO that Google has across its properties.

I’m running Yosemite and the default is “block cookies not from current or previously visited websites”. Not sure if it’s the same on iOS 8, but that would seem to allow the buttons to use cookies as long as the user has been to that website (e.g. Facebook, for a “like” button) before.

With comprehensive shared web history via iCloud this could sort of work, but I never (for example) visit the Facebook mobile site from my phone, despite using their apps daily.

ohhh ok, but it would block pure advertising cookies because its less likely that a user would directly visit the domain that they originate from.

that is still good, however I would prefer if it did allow you to block all cookies that aren't from the current website.

Is there a difference between "not from current website" and "3rd party"?

"not from current or previously visited websites" allows for HTTP redirects to count as "previously visited websites" (atleast in Firefox). Thus Redirect tracking still allows to set cookies for advertising networks that could be read out in iFrames or image / "tracking beacon" requests. As far as i understood: "3rd party" would exclude this.

Multidomain distribution to bypass connections restrictions, that kind of stuff? Or domains with different servers for different use cases?

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact