Closed lcrespilho closed 1 week ago
Hello @lcrespilho,
Thanks for reaching out! That's a very intriguing point about the NID
cookie. It is used to serve Google Ads to signed-out users.
Here's what, we think, might be happening. It's possible the NID
cookie is being categorized as ExcludeThirdPartyPhaseout
because its creation might be delayed by Google services. This delay could cause the cookie to be classified differently than intended.
We'll definitely investigate this further and see why it's being categorized in this way. We'll get back to you soon with an update.
Hello @lcrespilho
The ThirdPartyPhaseout
and ExcludeThirdPartyPhaseout
achieve similar goals, there’s a key difference in how they’re filtered out. To understand this better, let’s explore how Audits and the Network API handle cookie information:
Audits: They might flag entries with an “exclude” status. This typically indicates an event that was filtered out for specific reasons during the auditing process. Audits wouldn’t necessarily provide details on the reason for exclusion.
Network API: This API focuses on providing details about network requests and responses. It might return a “reason” field that explains why a request was blocked or failed. There wouldn’t be an “exclude” flag in this context.
To streamline the process, we’re proposing to unify the blocking reason for these scenarios. We’ll actively address this in an upcoming version by implementing the necessary changes.
This issue has been marked as stale because there has been no activity in the past 30 days.
This issue has been closed since there was no activity since it was marked as stale.
Describe the bug When blocked, the cookie NID at .google.com is not classified as third-party. His blocked reason is just "ExcludeThirdPartyPhaseout", but it should also be "ThirdPartyPhaseout". The apparent reason is that this cookie is set too late after the page loads: about 30 seconds.
To Reproduce Steps to reproduce the behavior:
Set-Cookie NID=[hash]; expires=[date]; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
header to set the NID cookie.Expected behavior The NID cookie is blocked and the PSAT extension should classify this blockage as
ThidPartyPhaseout
andExcludeThirdPartyPhaseout
, but is classifying only asExcludeThirdPartyPhaseout
.Screenshots![result](https://github.com/GoogleChromeLabs/ps-analysis-tool/assets/5513980/286ec2c9-09af-4f6b-942c-e65322af9ab7)
Desktop (please complete the following information):
Additional context PSAT System Information: Open Tabs: 1 Active Extensions: Google Docs Offline: ghbmnnjooekpmoecnnnilnnbdlolhkhi Privacy Sandbox Analysis Tool: ikodlagpencphdljdpelmcajjlloiomb Chrome Version: Version 124.0.0.0 (arm64) PSAT Version: 0.7.0 OS - System Architecture: MacOS (arm64)