Comment by jefftk
5 years ago
How would you propose handling this with DNS? Here are some things it covers:
* a.example.com and b.example.com are the same site
* a.co.uk and b.co.uk are not the same site
* a.cloudfront.net and b.cloudfront.net are not the same site
* a.higashikawa.hokkaido.jp and b.higashikawa.hokkaido.jp are not the same site
* a.example.higashikawa.hokkaido.jp and b.example.higashikawa.hokkaido.jp are the same site
There is a proposal to do something similar using response headers and .well-known urls: https://github.com/privacycg/first-party-sets
This requires sites to opt in before it works, right? I think this would have been hard to introduce, because it requires so much coordination.
Isn't opting in how almost everything got on the list?
1 reply →