Safari cross-domain cookies

I was so happy when Safari launched the new Profiles, as I could finally start using it in an effective way. Unfortunately, working a lot with Salesforce I am running into a consistent issue where lots of features are blocked due to Salesforce’s use of Cross-Domain Cookies.

Previously it was possible to sort of exclude this limit/block on a site by site basis, but now I can’t for the life of me figure out how.

Does anyone know if there is a way to allow cross-domain cookies in general or for specific sites with Safari on Sonoma? If so how?

I believe there’s only the global ‘prevent cross-site tracking’ setting in Setting > Privacy. I would love a domain-specific or profile-specific setting for this.

Right. Yes, I have this off. But it seems to still not help. So something is strange if that is supposed to help on the “cross-domain cookies”. I have turned off the “block all cookies” etc.

It is strange, as cross-domain cookies should be thwarted by Intelligent Tracking Prevention, not the Profiles feature itself. Perhaps the behaviour has changed with the latest Safari. Have you tried turning off content blockers?

Given that Chrome is dropping support for these, I can’t imagine that Salesforce can keep relying on them for much longer.

Ahh, so basically, Safari no longer supports these types of cookies at all and Chrome will also be dropping this support soon?

I don’t know if Safari still supports them but Google has a plan in place to phase them out over the next year. I believe they’re going to do it gradually at first, silently disabling them for a portion of their users.

Yes, this is what I found strange also. Don’t have content blockers and turned the tracking prevention as much as possible off.

It is of course quite unfortunate that Salesforce has a setup that makes it necessary to completely kill any and all privacy protection in a broad sense on your browser in an attempt to effectively use their platform, but that is how it is. :sweat_smile:

I do have access to a Salesforce environment at work, I can check out next week, what are the steps to reproduce it? Is it just trying to log into Salesforce?.

I would believe Salesforce cannot sell third party data for their enterprise customers, I haven’t read the legal service agreement but they would not secure a lot of big companies with that. So if they are not using 3rd party cookies for monetisation, it must be something broken in their SSO.