Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Preprint |
| Published: |
2024
|
| Subjects: | |
| Online Access: | https://arxiv.org/abs/2406.05310 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1866918151837450240 |
|---|---|
| author | Bahrami, Pouneh Nikkhah Fass, Aurore Shafiq, Zubair |
| author_facet | Bahrami, Pouneh Nikkhah Fass, Aurore Shafiq, Zubair |
| contents | As third-party cookies are being phased out or restricted by major browsers, first-party cookies are increasingly repurposed for tracking. Prior work has shown that third-party scripts embedded in the main frame can access and exfiltrate first-party cookies, including those set by other third-party scripts. However, existing browser security mechanisms, such as the Same-Origin Policy, Content Security Policy, and third-party storage partitioning, do not prevent this type of cross-domain interaction within the main frame. While recent studies have begun to highlight this issue, there remains a lack of comprehensive measurement and practical defenses.
In this work, we conduct the first large-scale measurement of cross-domain access to first-party cookies across 20,000 websites. We find that 56 percent of websites include third-party scripts that exfiltrate cookies they did not set, and 32 percent allow unauthorized overwriting or deletion, revealing significant confidentiality and integrity risks.
To mitigate this, we propose CookieGuard, a browser-based runtime enforcement mechanism that isolates first-party cookies on a per-script-origin basis. CookieGuard blocks all unauthorized cross-domain cookie operations while preserving site functionality in most cases, with Single Sign-On disruption observed on 11 percent of sites.
Our results expose critical flaws in current browser models and offer a deployable path toward stronger cookie isolation. |
| format | Preprint |
| id |
arxiv_https___arxiv_org_abs_2406_05310 |
| institution | arXiv |
| publishDate | 2024 |
| record_format | arxiv |
| spellingShingle | COOKIEGUARD: Characterizing and Isolating the First-Party Cookie Jar Bahrami, Pouneh Nikkhah Fass, Aurore Shafiq, Zubair Cryptography and Security As third-party cookies are being phased out or restricted by major browsers, first-party cookies are increasingly repurposed for tracking. Prior work has shown that third-party scripts embedded in the main frame can access and exfiltrate first-party cookies, including those set by other third-party scripts. However, existing browser security mechanisms, such as the Same-Origin Policy, Content Security Policy, and third-party storage partitioning, do not prevent this type of cross-domain interaction within the main frame. While recent studies have begun to highlight this issue, there remains a lack of comprehensive measurement and practical defenses. In this work, we conduct the first large-scale measurement of cross-domain access to first-party cookies across 20,000 websites. We find that 56 percent of websites include third-party scripts that exfiltrate cookies they did not set, and 32 percent allow unauthorized overwriting or deletion, revealing significant confidentiality and integrity risks. To mitigate this, we propose CookieGuard, a browser-based runtime enforcement mechanism that isolates first-party cookies on a per-script-origin basis. CookieGuard blocks all unauthorized cross-domain cookie operations while preserving site functionality in most cases, with Single Sign-On disruption observed on 11 percent of sites. Our results expose critical flaws in current browser models and offer a deployable path toward stronger cookie isolation. |
| title | COOKIEGUARD: Characterizing and Isolating the First-Party Cookie Jar |
| topic | Cryptography and Security |
| url | https://arxiv.org/abs/2406.05310 |