neat, turning on "block third-party cookies" in Chrome prevents you from using HTTP/2 to track users across sites. blocking third-party cookies in Firefox doesn't prevent it, but setting "privacy.firstparty.isolate" does.
Conversation
i assume that Safari has strong protection against this, but i don't have a Mac/iPhone to test it on
1
actually, with "force-cache" set, you can still get a stable identifier for the user in Chromium - even if "block third-party cookies" is enabled
1
so, fun, can't seem to block this off with Chromium. but "privacy.firstparty.isolate" in Firefox seems to isolate the HTTP cache too.
2
Replying to
Try --enable-features=SplitCacheByNetworkIsolationKey for Chromium.
Replying to
interesting, i'll try that. i was looking for that, but the only one that came up in about:flags was "Prefetch requests for cross-origin main resources are fetched with a special NetworkIsolationKey"
1
Show replies