First-Party Cookies First-Party CookiesCookies can be divided into two types. First-party cookies are cookies set by the website in the URL bar at the top of the page.
- -From the early days of the internet, it became obvious that it would be advantageous for websites to be able to store - information on a computer for future access. For example, a website that displays weather information could ask the - user for a zip code, and then store it in a cookie. The next time the user visited the website, weather information - would automatically load for that zip code, without the user having to enter the zip code, and without the need for - the user to create an account on the website (which would be overkill for such a simple task).
- -Like everything else on the web, clever people figured out all types of ways to abuse cookies to do things that users - would not approve of if they knew they were happening. For example, a website can set a cookie with a unique serial - number on a device. Then, every time a user visits the website on that device, it can be linked to a unique profile - the server maintains for that serial number, even if the device connects from different IP addresses, as cell phones often do.
- -Some websites with logins require first-party cookies to be enabled for a user to stay logged in. Cookies aren't the only only way - a website can maintain a user logged in as they move from page to page on the site, but if a particular website has chosen to - implement logins in that way, enabling first-party cookies on that site will be the only way to use the functionality.
- -If first-party cookies are enabled but JavaScript is disabled, the privacy icon will be yellow 
- as a warning.
Third-Party CookiesThird-party cookies are set by portions of a website that are loaded from servers different from the URL at the top of the page. - For example, most website that have advertisements load them from a third-party ad broker, like Google's - Ad Sense. Every time the website loads, it requests the ad - broker to display some ads. The ad broker analyzes any information they may have about the user, looks at the current - rate advertisers are willing to pay for their ads, and selects those to display. The section of the website that displays - the ads is loaded from the third-party broker's server instead of the main server.
- -Because most of the advertisements on the internet are displayed from only a few brokers, it didn't take long for them to realize - that they could set a tracking cookie on the user's device and know every place that user goes. Every time an ad loads from a broker, - the first thing it does it check to see if if the device already has a unique serial number in a tracking cookie. If it does, it looks up - the profile for that serial number and makes a note of the new site. This is why a user can do a search on one website for a - product that they typically don't look for, like walnuts, and then suddenly start seeing advertisements for walnuts on every - website they visit.
- -In addition to ad brokers, social media sites discovered they could get in on the action. A few years ago, the major social media sites - like Facebook and Twitter convinced a large number of websites that it would be in there best interest to place little social media - icons on their pages. These are not just images. They contain imbedded code that - links back to the social media site, and, among other things, loads a third-party cookie on the device. These cookies are placed even if the user does - not have an account with the social media platform. Over time, companies like Facebook (which also run an ad network) have built up quite a large number - of detailed profiles about people who have never even - created an account on their site.
- -There is almost no good reason to ever enable third-party cookies. On devices with Android KitKat or older (version <= 4.4.4 or API <= 20), WebView - does not differentiate - between first-party and third-party cookies. Thus, enabling first-party cookies will also enable third-party cookies.
- - -
DOM StorageDocument Object Model storage, also known as web storage, is like cookies on steroids. Whereas the maximum combined storage size for all cookies from - a single URL is 4 kilobytes, DOM storage can hold between 5-25 megabytes per site. - Because DOM storage uses JavaScript to read and write data, enabling it will do nothing unless JavaScript is also enabled.
- - -
Form DataForm data contains information typed into web forms, like user names, addresses, phone numbers, etc., and lists them in a drop-down box on future visits. - Unlike the other forms of local storage, form data is not sent to the web server without specific user interaction.
- + + + + + + + First-Party CookiesFirst-party cookies are set by the website in the URL bar at the top of the page.
+ +From the early days of the internet, it became obvious that it would be advantageous for websites to be able to store + information on a computer for future access. For example, a website that displays weather information could ask the + user for a zip code, and then store it in a cookie. The next time the user visited the website, weather information + would automatically load for that zip code, without the user having to enter the zip code, and without the need for + the user to create an account on the website (which would be overkill for such a simple task).
+ +Like everything else on the web, clever people figured out all types of ways to abuse cookies to do things that users + would not approve of if they knew they were happening. For example, a website can set a cookie with a unique serial + number on a device. Then, every time a user visits the website on that device, it can be linked to a unique profile + the server maintains for that serial number, even if the device connects from different IP addresses, as cell phones often do.
+ +Many websites with logins require first-party cookies to be enabled for a user to stay logged in. Cookies arenât the only way + a website can maintain a user logged in as they move from page to page on the site, but if a particular website has chosen to + implement logins in that way, enabling first-party cookies on that site will be the only way to use the functionality.
+ +If first-party cookies are enabled but JavaScript is disabled, the privacy icon will be yellow
+ as a warning.
Third-Party CookiesThird-party cookies are set by portions of a website that are loaded from servers different from the URL at the top of the page. + For example, most website that have advertisements load them from a third-party ad broker, like Googleâs + Ad Sense. Every time the website loads, it requests the ad + broker to display an ad. The ad broker analyzes any information they may have about the user, looks at the current + rate advertisers are willing to pay for their ads, and selects the one to display. The section of the website that displays + the ads is loaded from the third-party brokerâs server instead of the main server.
+ +Because most of the advertisements on the internet are processed by only a few brokers, it didnât take long for them to realize + that they could set a tracking cookie on the userâs device and know every place that user goes. Every time an ad loads from a broker, + the first thing it does it check to see if if the device already has a unique serial number in a tracking cookie. If it does, it looks up + the profile for that serial number and makes a note of the new site. This is why a user can do a search on one website for a + product they typically donât look for, like walnuts, and then suddenly start seeing advertisements for walnuts on every + website they visit.
+ +In addition to ad brokers, social media sites discovered they could get in on the action. A few years ago, the major social media sites + like Facebook and Twitter convinced a large number of websites that it would be in there best interest to place little social media + icons on their pages. These are not just images. They contain embedded code that + links back to the social media site, and, among other things, loads a third-party cookie on the device. These cookies are placed even if the user does + not have an account with the social media platform. Over time, companies like Facebook (which also runs an ad network) have built up quite a large number + of detailed profiles about people who have never even + created an account on their site.
+ +There is almost no good reason to ever enable third-party cookies. On devices with Android KitKat or older (version <= 4.4.4 or API <= 20), WebView + does not differentiate + between first-party and third-party cookies. Thus, enabling first-party cookies will also enable third-party cookies.
+ + + DOM StorageDocument Object Model storage, also known as web storage, is like cookies on steroids. Whereas the maximum combined storage size for all cookies from + a single URL is 4 kilobytes, DOM storage can hold megabytes per site. + Because DOM storage uses JavaScript to read and write data, enabling it will do nothing unless JavaScript is also enabled.
+ + + Form DataForm data contains information typed into web forms, like user names, addresses, phone numbers, etc., and lists them in a drop-down box on future visits. + Unlike the other forms of local storage, form data is not sent to the web server without specific user interaction.
+ \ No newline at end of file