![Page 1: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/1.jpg)
![Page 2: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/2.jpg)
![Page 3: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/3.jpg)
![Page 4: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/4.jpg)
≈
![Page 5: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/5.jpg)
![Page 6: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/6.jpg)
![Page 7: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/7.jpg)
![Page 8: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/8.jpg)
![Page 9: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/9.jpg)
![Page 10: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/10.jpg)
![Page 11: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/11.jpg)
![Page 12: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/12.jpg)
Stuff that requires cross-domain
storage access
![Page 13: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/13.jpg)
Canvas
Audio
Image source: http://www.lalit.org/lab/javascript-css-font-detect/
Font
Stuff that requires cross-domain
storage access
![Page 14: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/14.jpg)
Canvas
Audio
Image source: http://www.lalit.org/lab/javascript-css-font-detect/
Font
Stuff that requires cross-domain
storage access
Stuff that requires Javascript access
![Page 15: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/15.jpg)
Stateful
Stateless
First-party Context Third-party Context (iframes)
![Page 16: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/16.jpg)
Stateful
Stateless
First-party Context Third-party Context (iframes)
SOP already provides protection
![Page 17: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/17.jpg)
From Non-Trackers
![Page 18: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/18.jpg)
From Non-Trackers
+ No stateful tracking in 3rd party iframes
![Page 19: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/19.jpg)
From Non-Trackers
+ No stateful tracking in 3rd party iframes
+ No cookies with <script src…> embeds
![Page 20: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/20.jpg)
From Non-Trackers
+ No stateful tracking in 3rd party iframes
+ No cookies with <script src…> embeds
+ Less breakage than other cookie blocking
![Page 21: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/21.jpg)
Stateful
Stateless
First-party Context Third-party Context (iframes)
SOP already provides protection
Selective 3rd-party cookie blocking
![Page 22: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/22.jpg)
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Curabitur gravida aliquam lectus ut condimentum. Sed tristique lorem et accumsan rutrum. Donec metus sapien, viverra sed nibh id, pulvinar posuere nisi. Maecenas pretium nulla vel fringilla porta. Vivamus sodales sapien in pulvinar bibendum. Cras vestibulum faucibus est id tristique. Aenean sit amet efficitur ligula, ut congue libero.
Sed facilisis tellus sed odio volutpat hendrerit. Mauris turpis sem, bibendum nec ullamcorper et, varius sed tellus. Mauris ullamcorper scelerisque mollis. Donec mollis tincidunt malesuada. Pellentesque vitae dignissim risus. Cras facilisis, mi a vulputate laoreet, nisl turpis euismod libero, a porttitor urna sapien id felis. Cras aliquet efficitur metus, at venenatis justo sagittis vel. Suspendisse cursus ante quis diam faucibus dignissim. Aenean quis mi ac justo euismod consequat. Donec imperdiet, sapien ac euismod dapibus, sapien tortor bibendum nibh, vitae facilisis ligula enim tempor velit. Nulla accumsan eget nunc non tristique. Curabitur dictum fringilla nisl. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Donec pharetra tellus ut ex finibus, non tempor est commodo. Etiam malesuada ultricies malesuada. Aliquam vel orci aliquet, semper erat at, volutpat elit.
![Page 23: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/23.jpg)
+ No fingerprinting in iframes
+ Restrict plugin use, modal dialogs, top-level navigation, etc
![Page 24: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/24.jpg)
+ No fingerprinting in iframes
+ Restrict plugin use, modal dialogs, top-level navigation, etc
Not enough trackers are embedded in iframes.
71% of third-party scripts on top homepages will still be able track on 90%+ of pages
10% of third-party scripts on top homepages have a reduction in tracking by 50% or more
![Page 25: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/25.jpg)
Stateful
Stateless
First-party Context Third-party Context (iframes)
SOP already provides protection
Selective 3rd-party cookie blocking
Reduced JS feature set (extend iFrame sandbox)
![Page 26: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/26.jpg)
![Page 27: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/27.jpg)
![Page 28: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/28.jpg)
●
●
●
![Page 29: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/29.jpg)
Blocking with Tracking Protection
![Page 30: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/30.jpg)
Sandboxing with Tracking Protection
![Page 31: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/31.jpg)
Blocking with Tracking Protection
![Page 32: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/32.jpg)
Sandboxing with Tracking Protection
![Page 33: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/33.jpg)
Stateful
Stateless
First-party Context Third-party Context (iframes)
SOP already provides protection
Selective 3rd-party cookie blocking
Reduced JS feature set (extend iFrame sandbox)
:(
![Page 34: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/34.jpg)
Main Page Tracking Sandbox
![Page 35: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/35.jpg)
wrapper
Main Page Tracking Sandbox
![Page 36: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/36.jpg)
![Page 37: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/37.jpg)
<iframe onload = ...id = "aswift_0"width = "300"height = "250"
>< /iframe>
![Page 38: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/38.jpg)
<iframe onload = ...id = "aswift_0"width = "300"height = "250"
>< /iframe>
var i = this.id,
s = window.google_iframe_oncopy,
h = s & amp; & amp;
s.handlers, h = h & amp; & amp;
h[i], w = this.contentwindow, d;
d = w.document
if (h & amp; & amp; d & amp; & amp;
` ...
w.location.replace(h)
}
}
![Page 39: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/39.jpg)
● onload
● javascript:
●
![Page 40: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/40.jpg)
●
●○○
●
![Page 41: Steven Englehardt · From Non-Trackers + No stateful tracking in 3rd party iframes + No cookies with embeds + Less breakage than other cookie blocking](https://reader036.vdocument.in/reader036/viewer/2022062607/60428c4af0fb333d2f670fd3/html5/thumbnails/41.jpg)
●○○
●