Third Party Cookies Blocked - Explained

If you are using Google Chrome or a different Chromium based browser, you may have seen a warning recently that says something about third party cookies being blocked. In this post I explain what that means, what third party cookies are and why they weren't invited to our party.

What Are Third Party Cookies?

Let's say that you're visiting Let's say that website makes an ajax request to and that request has a set-cookie header. Cookies created with that set-cookie header are first-party cookies because the origin of that ajax request are the same as the hostname of the page that triggered that request.

Now let's say that the same page ( ) is using a service to show users funny gifs and it is making a request to to fetch information about what gifs to show. If that request returns a set-cookie header - that cookie will be considered third-party, because it originated from a different origin.

Third-party cookie deprecation

Because of the recent changes to the google chrome browser, these third party cookies will not be allowed by default.

You can read more about it here: Prepare for phasing out third-party cookies and here: Storage Partitioning.

What does this mean for chrome extension development?

If your chrome extension was relying on injecting an iframe that is hosted on a third-party origin and cookies or local storage to store user's access tokens and session data - that will not work anymore. The solution is to start using instead.