fsebugoutzone.org:9999

       Post Ahx0VEZX2q7CdUObZo by jeroen@secluded.ch
 (DIR) More posts by jeroen@secluded.ch
 (DIR) Post #AhupbOHONVW2fViyPI by bagder@mastodon.social
       2024-05-03T07:22:03Z
       
       0 likes, 0 repeats
       
       The rfc6265bis document - the updated #cookie spec - is now in draft-14: https://www.ietf.org/archive/id/draft-ietf-httpbis-rfc6265bis-14.html It has been in the works for almost a decade by now!
       
 (DIR) Post #AhupbPKGUJPLui4mWW by bagder@mastodon.social
       2024-05-03T07:52:36Z
       
       0 likes, 0 repeats
       
       my own little contrib that shows in -14 came via this: https://github.com/httpwg/http-extensions/issues/2541
       
 (DIR) Post #AhupbSmjcuxodsQ3oe by bagder@mastodon.social
       2024-05-03T07:30:37Z
       
       0 likes, 0 repeats
       
       a fun change in this draft compared to the RFC:&quot;The user agent MUST limit the maximum value of the Max-Age attribute. The limit SHOULD NOT be greater than 400 days (34560000 seconds) in duration. The RECOMMENDED limit is 400 days in duration, but the user agent MAY adjust the limit. Max-Age attributes that are greater than the limit MUST be reduced to the limit.&quot;
       
 (DIR) Post #Ahx0VAcviGSMOrxGJk by bagder@mastodon.social
       2024-05-03T08:09:24Z
       
       0 likes, 0 repeats
       
       @KHoos cookies are basically always wildcard since they tailmatch. They were made to work like that in the 90s, long before cookies  tracked users. Also, without &quot;third party cookies&quot;, it is hard to see how they can actually track users successfully.
       
 (DIR) Post #Ahx0VC0iZJ4wgw5m2C by jeroen@secluded.ch
       2024-05-03T11:37:40Z
       
       0 likes, 0 repeats
       
       @bagder @KHoos they got javascript execution on each ad &quot;display&quot;, and fingerprinting is a thing (and chrome has the new &quot;Topics&quot; or whatever they call it today); IP addresses are mostly not unique especially in combo with even a light fingerprint.Disabling third party cookies is good, but only disadvantages those who do not build browsers and control what they load up in there.
       
 (DIR) Post #Ahx0VEZX2q7CdUObZo by jeroen@secluded.ch
       2024-05-03T11:46:41Z
       
       0 likes, 0 repeats
       
       @bagder @KHoos proof in point: https://mastodon.social/@mysk/112376334343918219
       
 (DIR) Post #Ai3DSZ5cljbNkoDwiu by bagder@mastodon.social
       2024-05-03T09:33:57Z
       
       0 likes, 0 repeats
       
       @jub0bs @KHoos sure, but the domain property always existed and has been used widely since the beginning