<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Cookie on Commentary of Takao</title><link>https://takao.blog/zh/tags/cookie/</link><description>Recent content in Cookie on Commentary of Takao</description><generator>Hugo -- gohugo.io</generator><language>zh</language><copyright>Commentary of Takao</copyright><lastBuildDate>Wed, 15 Jul 2026 22:01:08 +0900</lastBuildDate><atom:link href="https://takao.blog/zh/tags/cookie/index.xml" rel="self" type="application/rss+xml"/><item><title>Cloudflare隐私沙盒与第三方Cookie淘汰</title><link>https://takao.blog/zh/web/cloudflare-privacy-sandbox-thirdparty-cookie-deprecation/</link><pubDate>Fri, 05 Dec 2025 00:00:00 +0900</pubDate><guid>https://takao.blog/zh/web/cloudflare-privacy-sandbox-thirdparty-cookie-deprecation/</guid><description>&lt;img src="https://takao.blog/img/thumbnail/cloudflare-privacy-sandbox-thirdparty-cookie-deprecation-zh.png" alt="Featured image of post Cloudflare隐私沙盒与第三方Cookie淘汰" /&gt;&lt;h2 id="the-end-of-third-party-cookies"&gt;The End of Third-Party Cookies
&lt;/h2&gt;&lt;p&gt;The third-party cookie era is ending. After years of delays and industry pushback, Chrome has begun phasing out cross-site tracking cookies. This fundamentally changes how web analytics, advertising, and personalization function. Understanding the deprecation timeline and replacement APIs is essential for every web developer.&lt;/p&gt;
&lt;h2 id="chrome-phase-out-timeline"&gt;Chrome Phase-Out Timeline
&lt;/h2&gt;&lt;p&gt;Google&amp;rsquo;s Privacy Sandbox initiative has followed this trajectory:&lt;/p&gt;
&lt;table&gt;
	&lt;thead&gt;
			&lt;tr&gt;
					&lt;th&gt;Date&lt;/th&gt;
					&lt;th&gt;Milestone&lt;/th&gt;
			&lt;/tr&gt;
	&lt;/thead&gt;
	&lt;tbody&gt;
			&lt;tr&gt;
					&lt;td&gt;2024 Q1&lt;/td&gt;
					&lt;td&gt;1% Chrome users have 3PC restricted&lt;/td&gt;
			&lt;/tr&gt;
			&lt;tr&gt;
					&lt;td&gt;2025 Q2&lt;/td&gt;
					&lt;td&gt;Testing phase with expanded cohorts&lt;/td&gt;
			&lt;/tr&gt;
			&lt;tr&gt;
					&lt;td&gt;2025 Q3-Q4&lt;/td&gt;
					&lt;td&gt;Graduated rollout begins&lt;/td&gt;
			&lt;/tr&gt;
			&lt;tr&gt;
					&lt;td&gt;2026&lt;/td&gt;
					&lt;td&gt;Full deprecation for all Chrome users&lt;/td&gt;
			&lt;/tr&gt;
	&lt;/tbody&gt;
&lt;/table&gt;
&lt;h2 id="privacy-sandbox-apis"&gt;Privacy Sandbox APIs
&lt;/h2&gt;&lt;p&gt;The Privacy Sandbox replaces third-party cookies with several purpose-built APIs:&lt;/p&gt;</description></item><item><title>缓解 CSRF：SameSite Cookie 属性和 CSRF 令牌</title><link>https://takao.blog/zh/web/security-csrf-tokens-samesite-cookies/</link><pubDate>Mon, 25 Aug 2025 00:00:00 +0900</pubDate><guid>https://takao.blog/zh/web/security-csrf-tokens-samesite-cookies/</guid><description>&lt;img src="https://takao.blog/img/thumbnail/security-csrf-tokens-samesite-cookies-zh.png" alt="Featured image of post 缓解 CSRF：SameSite Cookie 属性和 CSRF 令牌" /&gt;&lt;h2 id="介绍"&gt;介绍
&lt;/h2&gt;&lt;p&gt;Cookie 是管理用户身份验证状态的便捷机制。当会话 ID 存储在 cookie 中时，浏览器会自动将其附加到针对该域的传出 HTTP 请求。&lt;/p&gt;
&lt;p&gt;但是，此自动附件功能会被 &lt;strong&gt;跨站点请求伪造 (CSRF)&lt;/strong&gt; 攻击所利用。&lt;/p&gt;</description></item></channel></rss>