Partitioned Cookies

chrome console message for cookies

If you are a web developer and you are setting cookies to be used by third-party websites (perhaps you are a plugin developer) and now want to know how to partition a cookie so that your cookie doesn’t break and your App is ready for future versions of Google Chrome, you’ve come to the right place.

Video Tutorial Showing How-to Partition a Cookie

When preparing and testing cookies using Chrome Web Developer Toolbar, you should NOT see this Chrome Console message warning. Reading Cookie in Cross-Site Context may be impacted on Chrome Reading Cookie in Cross-Site Context Message Chrome Here’s sample codes and workarounds for you to consider partitioning your cookie. Sample codes with detailed comments can be downloaded here Partitioned Cookie Examples (.zip format).

NONE Partitioned Cookie Set Using JavaScript

function setCookie(name, value, days) { const d = new Date(); d.setTime(d.getTime() + (days * 24 * 60 * 60 * 1000)); const expires = "expires=" + d.toUTCString(); document.cookie = name + "=" + value + ";" + expires + ";path=/"; } setCookie("RankYaFirstPartyCookie", "RankYaCookie", 90);

Partitioned Cookie

You need to set SameSite=None; Secure; Partitioned on your cookie. function setCookie(name, value, days) { const d = new Date(); d.setTime(d.getTime() + (days * 24 * 60 * 60 * 1000)); const expires = "expires=" + d.toUTCString(); document.cookie = name + "=" + value + ";" + expires + ";path=/;SameSite=None;Secure;Partitioned"; } setCookie("RankYaFirstPartyCookie", "RankYaCookie", 90);

PHP Example

function onInitSetCookie(){ $domain = parse_url(home_url(), PHP_URL_HOST); $baseDomain = YaMetrikaHelpers::getBaseDomain($domain); $expires = time() + 31536000; // Cookie expires in 1 year (365 * 24 * 60 * 60 seconds) $path = '/'; // Cookie is available for the entire domain $domain = '.'.$baseDomain; // Set the domain for the cookie $secure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on'; // Check if the connection is HTTPS // Check if the cookie '_ym_d' is already set before attempting to re-set it. // This prevents unnecessary cookie re-setting on every page load if it already exists. if (isset($_COOKIE['_ym_d'])) { // Set the cookie with modern attributes using the options array (PHP 7.3+). // 'samesite' => 'None': Required for cross-site cookies, allows the cookie to be sent with cross-site requests. // 'secure' => $secure: Ensures the cookie is only sent over HTTPS. // 'partitioned' => true: (PHP 8.1+) Signals the browser to store the cookie in a partitioned jar, tying it to the top-level site for privacy. setcookie('_ym_d', time(), [ 'expires' => $expires, 'path' => $path, 'domain' => $domain, 'secure' => $secure, 'samesite' => 'None', 'partitioned' => true // This attribute is for PHP 8.1+ ]); } } NOTE: the Partitioned attribute for setcookie is available in PHP 8.1 and later. If you are using an older PHP version, this exact syntax for Partitioned might not work directly, and you might need to append it via the header() function.

Apache Header Example

<IfModule mod_headers.c> # Set a cookie named 'myPartitionedCookie' with a value, path, and SameSite=None;Secure;Partitioned # This example sets a cookie that expires in 1 hour (3600 seconds) Header always set Set-Cookie "myPartitionedCookie=somevalue; Path=/; Max-Age=3600; SameSite=None; Secure; Partitioned" </IfModule>

Note: these insights are for Plugin or App developers setting cookie to be used on various websites.

By RankYa

RankYa is a content creator and digital services provider dedicated to growing your sales and business website's results. Highly experienced technical problem solver, Google products expert with proven 'Social Media Marketing' skills, RankYa (100% Australian Owned and Operated) is dedicated to helping small businesses to grow.

We're looking forward to contributing towards your online success. Contact Us.

Questions? Leave a Comment!

Your email address will not be published. Required fields are marked *