I believe this is what the folks at Netscape tried to eliminate in 4.0, which I'm told features four cookie settings. One rejects "third party cookies." -Declan On Thu, 7 Aug 1997, Dr.Dimitri Vulis KOTM wrote:
Declan McCullagh <declan@well.com> writes:
Thanks for the help, folks. This is for an article on privacy I was working on, and I found the info I needed. For instance, Netscape's explanation of the protocol left me wondering about whether cookies from acme.com could be requested by competitor.com. The answer is YES, although it requires a little work.
Suppose that you point your browser at http://www.A.com/index.html.
Suppose that file contains an <img src="http://www.B.com/X.cgi">. The CGI file displays a little picture, and also gets or sets a cookie.
Suppose you next browse http://www.C.com/index.html, and it too contains the same <img src...>. Since the cookie is "owned" by B.com, not A.com or C.com, the cgi file can track your movement from A.Com to B.Com.
---
Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps