You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
Javascript cookies (those set with document.cookie) set in cross-site iframes are not being detected by PSAT. They are considered by the browser, though.
Expected behavior
The cross-site iframe tries to create a third-party cookie without the Partitioned attribute and can't because chrome-3pcd-ps has 3pc disabled. This is the expected behavior and even the DevTools console logs the try in the issues tab. The problem is that the try should be detected/logged by PSAT, but it doesn't.
Screenshots
Screenshot 1: DevTools issues panel evidencing that there was a failed attempt to create the 3PC without Partitioned attribute:
Screenshot 2: PSAT didn't detect the failed attempt to create the cookie:
Desktop (please complete the following information):
OS: MacOS 14.4.1 Sonoma
Browser: Chrome
Version: 124.0.6367.80 (Official Build) (arm64)
Additional context
PSAT System Information:
Open Tabs: 1
Active Extensions:
Google Docs Offline: ghbmnnjooekpmoecnnnilnnbdlolhkhi
Privacy Sandbox Analysis Tool: ikodlagpencphdljdpelmcajjlloiomb
Chrome Version: Version 124.0.0.0 (arm64)
PSAT Version: 0.7.0
OS - System Architecture: MacOS (arm64)
The text was updated successfully, but these errors were encountered:
Thanks for bringing this to our attention! You’re correct, PSAT’s JavaScript cookie detection (specifically the document.cookie ) is currently limited to the main website frame and doesn’t extend to sub frames (iframes).
We recognize this as a bug and are actively working on a fix. The solution will be included in an upcoming version, so stay tuned!
Describe the bug
Javascript cookies (those set with document.cookie) set in cross-site iframes are not being detected by PSAT. They are considered by the browser, though.
To Reproduce
Steps to reproduce the behavior:
Obs: I have set up a similar test lab here: https://louren.co.in/PSAT/issue645/topframe.html
Expected behavior
The cross-site iframe tries to create a third-party cookie without the
Partitioned
attribute and can't because chrome-3pcd-ps has 3pc disabled. This is the expected behavior and even the DevTools console logs the try in the issues tab. The problem is that the try should be detected/logged by PSAT, but it doesn't.Screenshots
Screenshot 1: DevTools issues panel evidencing that there was a failed attempt to create the 3PC without
Partitioned
attribute:Screenshot 2: PSAT didn't detect the failed attempt to create the cookie:
Desktop (please complete the following information):
Additional context
PSAT System Information:
Open Tabs: 1
Active Extensions:
Google Docs Offline: ghbmnnjooekpmoecnnnilnnbdlolhkhi
Privacy Sandbox Analysis Tool: ikodlagpencphdljdpelmcajjlloiomb
Chrome Version: Version 124.0.0.0 (arm64)
PSAT Version: 0.7.0
OS - System Architecture: MacOS (arm64)
The text was updated successfully, but these errors were encountered: