SessionID cookie blocked with "Block third-party cookies...site data" in chrome

[Larry Sand]

Just noticed this in Chrome,

Turn on "Block third-party cookies and site data" (ChromeSetting.png)

Now browse to a NTWS page.  I went to the CapeSoft Forums page.  You should see the cookie icon on the address bar with the red X on it indicating that a cookie was blocked.  Click on that icon and select the link "Show cookies and other site data..."

You'll find that it shows that SESSIONID was set and allowed for "forums.capesoft.com" and ".forums.capesoft.com" AND the same cookies were blocked. (3rdPartyCookieBlocked.png).  I just noticed that the CapeSoft site's cookies have an expires date.  We're using 5.32 and the server keeps creating sessions for the same session.  I notice on forums.capesoft.com I have to hit Ctrl+F5 to get it to block the cookie again and the second time I didn't get the two cookies.

Any ideas about what's happening here?

Thanks,
Dazed and Confused

[attachment deleted by admin]

[Bruce]

Hi Larry,

I tested a bit here, and it seems to be ok. The sessionId is not a "3rd party" cookie, and so seems to be allowed. And the app "still works" which is good. Also you can see the cookie coming through on all requests (except the favicon request).

I agree, it's got them in both the "allowed" and "blocked" tab, which is confusing.

Cheers
Bruce

[Larry Sand]

Hi Bruce,

I agree it's not a 3rd party cookie, that's what's strange.  On our server it's causing NewSession() to be called for every request to the server from that browser.  Sometimes the ".SESSIONID" cookie has a different session on the server.  I don't understand what's happening with this and i'll investigate some more today.   I have not seen this kind of behavior with other sites that don't have third party cookies yet.

Thanks for taking a look,
Larry