I don't understand the hate for this trick. It still breaks cross-site user tracking. It's just sort of a hack around installing a hypothetical Google Analytics app on-prem or pumping in data via a server-to-server integration.
Google Analytics can't cross-reference data from other sites on the browser, b/c it's not a third party cookie now... what's the problem?
I didn’t know what you meant, so for others equally confused, this is a decent article:
https://www.theregister.com/2021/02/24/dns_cname_tracking/
I don't understand the hate for this trick. It still breaks cross-site user tracking. It's just sort of a hack around installing a hypothetical Google Analytics app on-prem or pumping in data via a server-to-server integration.
Google Analytics can't cross-reference data from other sites on the browser, b/c it's not a third party cookie now... what's the problem?
Work is ongoing on that front too: ttps://webkit.org/blog/8146/protecting-against-hsts-abuse/
If it’s only a CNAME, you’re one DNS lookup away from continuing to block it.
One DNS lookup you’re doing anyways.
It's random CNAMEs and they use the unique cname you queried as another tracking point.