SameSite cookie + StatCounter (in Chrome)

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • Paul&John
    Confirmed User
    • Aug 2005
    • 8644

    #1

    SameSite cookie + StatCounter (in Chrome)

    Hi there!

    Today I noticed the following in the console log at Chrome:
    A cookie associated with a cross-site resource at Web Analytics Made Easy - Statcounter was set without the `SameSite` attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.
    But when checking stats via StatCounter users with Chrome browser are still listed there. So my question would be: are the Chrome users still counted, or only those with an older version of the browser?

    Also is there anything I can do about it? I did a quick look up and it seems like the guys at statcounter need to update something on their end for this not being blocked.. I also tried to generate the html code to be inserted once again and it seems like I'm getting the same one as I already have.

    Thanks.
    Use coupon 'pauljohn' for a $1 discount at already super cheap NameSilo!
    Anal Webcams | Kinky Trans Cams Live | Hotwife XXX Tube | Get your Proxies here
  • Paul&John
    Confirmed User
    • Aug 2005
    • 8644

    #2
    Damn, no one? Bump
    Use coupon 'pauljohn' for a $1 discount at already super cheap NameSilo!
    Anal Webcams | Kinky Trans Cams Live | Hotwife XXX Tube | Get your Proxies here

    Comment

    • Paul&John
      Confirmed User
      • Aug 2005
      • 8644

      #3
      Final bump
      Use coupon 'pauljohn' for a $1 discount at already super cheap NameSilo!
      Anal Webcams | Kinky Trans Cams Live | Hotwife XXX Tube | Get your Proxies here

      Comment

      • blackmonsters
        Making PHP work
        • Nov 2002
        • 20979

        #4
        Originally posted by Paul&John
        Final bump


        Set-Cookie: somecookie=abc123; SameSite=None; Secure


        https://web.dev/samesite-cookies-explained/


        Now please send $500 Billion to my paypal account; if you have less than $500 Billion then
        I will accept 4 rolls of toilet paper and a tomato instead.

        Free Open Source Live Aggregated Cams Script (FOSLACS)

        Comment

        • Paul&John
          Confirmed User
          • Aug 2005
          • 8644

          #5
          Thanks for the reply, but this needs to be edited in the Statcounter code itself which gets provided by them, no?

          I mean the cookie set by statcounter is this for example:
          Code:
          __cfduid=dd67a3df3519a5b4e1585056313; expires=Thu, 23-Apr-20 13:25:13 GMT; path=/; domain=.statcounter.com; HttpOnly; SameSite=Lax
          And this is the example code added to the footer
          Code:
          <script type="text/javascript">
          var sc_project=2197334; 
          var sc_invisible=0; 
          var sc_security="d176e8f6"; 
          var scJsHost = "https://";
          document.write("<sc"+"ript type='text/javascript' src='" +
          scJsHost+
          "statcounter.com/counter/counter.js'></"+"script>");
          </script>
          <noscript><div class="statcounter"><a title="Web Analytics"
          href="https://statcounter.com/" target="_blank"><img
          class="statcounter"
          src="https://c.statcounter.com/2197334/0/d176e8f6/0/"
          alt="Web Analytics"></a></div></noscript>
          so they need to add that SameSite=none; Secure part into the .js ( statcounter.com/counter/counter.js ) , right? I cant overwrite it on my end from Lax to None?
          Use coupon 'pauljohn' for a $1 discount at already super cheap NameSilo!
          Anal Webcams | Kinky Trans Cams Live | Hotwife XXX Tube | Get your Proxies here

          Comment

          • blackmonsters
            Making PHP work
            • Nov 2002
            • 20979

            #6
            Originally posted by Paul&John
            Thanks for the reply, but this needs to be edited in the Statcounter code itself which gets provided by them, no?

            I mean the cookie set by statcounter is this for example:
            Code:
            __cfduid=dd67a3df3519a5b4e1585056313; expires=Thu, 23-Apr-20 13:25:13 GMT; path=/; domain=.statcounter.com; HttpOnly; SameSite=Lax
            And this is the example code added to the footer
            Code:
            <script type="text/javascript">
            var sc_project=2197334; 
            var sc_invisible=0; 
            var sc_security="d176e8f6"; 
            var scJsHost = "https://";
            document.write("<sc"+"ript type='text/javascript' src='" +
            scJsHost+
            "statcounter.com/counter/counter.js'></"+"script>");
            </script>
            <noscript><div class="statcounter"><a title="Web Analytics"
            href="https://statcounter.com/" target="_blank"><img
            class="statcounter"
            src="https://c.statcounter.com/2197334/0/d176e8f6/0/"
            alt="Web Analytics"></a></div></noscript>
            so they need to add that SameSite=none; Secure part into the .js ( statcounter.com/counter/counter.js ) , right? I cant overwrite it on my end from Lax to None?
            Yes.

            You can't do anything about another site's cookie.
            They have to fix it on their end.

            Now quit stalling on the toilet paper, I will no longer accept $500 Billion.

            Free Open Source Live Aggregated Cams Script (FOSLACS)

            Comment

            • Paul&John
              Confirmed User
              • Aug 2005
              • 8644

              #7
              Ok thats what I thought, pretty male from their end
              Use coupon 'pauljohn' for a $1 discount at already super cheap NameSilo!
              Anal Webcams | Kinky Trans Cams Live | Hotwife XXX Tube | Get your Proxies here

              Comment

              • blackmonsters
                Making PHP work
                • Nov 2002
                • 20979

                #8
                Originally posted by Paul&John
                Ok thats what I thought, pretty male from their end
                Send my toilet paper!

                Free Open Source Live Aggregated Cams Script (FOSLACS)

                Comment

                Working...