In a significant move towards enhancing user privacy, major web browsers are on a trajectory to deprecate support for third-party cookies to limit cross-site tracking. This shift has notable implications for developers of Front custom plugins or third-party integrations that rely on third-party cookies for authentication and other functionalities. Understanding this transition is crucial to ensure the continued seamless operation of your plugins once third-party cookies are fully deprecated.
Google's Countdown to Q3 2024
Google has made clear its intent to fully deprecate third-party cookies in Chrome browsers by Q3 2024. If your current plugins use third-party cookies, you will have to adapt them by Q3 2024 to avoid loss of functionality in Chrome. This deprecation impacts any user on Chrome-based browsers and the Front desktop app. For more details on Google's deprecation timeline, refer to their official blog post.
Safari and Mozilla: Joining the Privacy Bandwagon
Google is not alone in this endeavor, nor is it the first to do so. Apple and Mozilla have already taken steps to limit or deprecate third-party cookies in their browsers. The Safari and Firefox browsers have a long-standing commitment to privacy and have been progressively implementing measures to curtail tracking and data collection.
The Implications for Front Plugins
For developers working on Front plugins that currently rely on third-party cookies, it's imperative to adapt to the evolving landscape as soon as possible. Authentication and various plugin features may be affected if your plugin was built to leverage third-party cookies. Front has never recommended nor required that plugins use third-party cookies, but we haven’t prevented the use of them either. This means that your plugin code might rely on third-party cookies and be susceptible to this deprecation.
You can determine whether your plugin uses third-party cookies by auditing your code for cookies set to SameSite=None as explained by Google. If you identify third-party cookies, you will have to modify your code so that your plugin no longer relies on them.
The Recommended Paradigm: Partitioned Cookies (CHIPS)
After an initial review, Front suggests exploring Partitioned Cookies, also known as CHIPS, to replace third-party cookies on Chrome browsers. This paradigm provides a privacy-preserving alternative that aligns with the changing standards of browser behavior, allowing third-party services to set cookies while preventing cross-site tracking of those cookies.
We recommend the following guide to learn about CHIPS:
If your plugin uses third-party cookies, please evaluate whether CHIPS is a suitable alternative to keep your plugins running after the full deprecation of third-party cookies in Q3 2024.
Note that CHIPS is not currently supported by Firefox or Safari. There is a discussion about what those browsers have implemented and how you might handle their policies on the CHIPS GitHub page.
Front's Ongoing Evaluation and Future Recommendations
Front is monitoring the evolving landscape of browser privacy measures and is actively evaluating the impact of third-party cookie deprecation on Front plugins. As part of our commitment to supporting developers, we will share updated recommendations as we gain new insights and navigate the changing terrain of web standards.