Wednesday, May 28, 2025
Several years ago, with updated releases of the popular Chrome browser I changed how I handled cross domain data as a software developer. To learn more about Cross Domain (CORS) see this reference.
Because of recent issues with Google's Chrome browser and third-party cookies, I have had to research anew issues with third-party cookies.
Allow me briefly, to explain some of the issues involved. WiredPages is a news service I use as a showcase site to demonstrate the software tools I develop.
The site is a subdomain (wiredpages.qisoftware.com) on my main business site, qisoftware.com. To insure I do not overburden qisoftware.com hosting resources, I use another domain, hosting-q.com to run most the applications I develop for WiredPages.
This is where the problems arise. Updates as to how Chrome is handling
these types of cross domain integrations are preventing some of the graphics I
use with my applications from being loaded. The illustration below shows the
problem.
One way for a user to correct the problem, enable third-party cookies for the
WiredPages site as illustrated below.
Why is this not a developer (my) problem? It is. That said, how this should work seems to be in a state of flux, and though I have implemented several fixes to address each problem I have come across, it seems to be a moving target as to how developers can consistently correct the problem.
The following articles about Related Website Sets, and how the submission process
works seems to be in 'Sandbox' mode or not recognized as a standard,
organizations wish to adopt.
- More information about Related Website Sets
- Chrome's discussion
- Mozilla's discussion
Years ago when I first ran into the CORS issue, I did a lot of research to try and correct the problem. I had another issue in that I use the Apache Tomcat Java web server.
I am not sure if the problems I am noticing now are because of Tomcat, or something else, however I feel I am chasing too many issues that can change quickly (moving target)- therefore I am not going to offer any resolution other than setting the "Unblock third-party cookies" for the WiredPages site.
In the past, one of the Tomcat configuration files, set specifically to handle the CORS issue was for some reason changed by the web host and I had to change it back. Why not put everything on my primary domain? I cannot afford to do that.
