Cookie first-party cookie and 3rd-party cookie

When it comes to cookies (which are generally referred to as "cookies" in Chinese), friends who frequently surf the Internet must have heard of them. Cookies are sent from the server where you browse the website and stored a small amount of data on the hard disk of your computer through your browser. These data mainly contain some identification codes, which record the number of visits to your website, the access time, and the path to your website.

The so-called "first-party cookies" refer to cookies that store certain information from websites currently being accessed. The so-called "third-party cookies ", it refers to websites other than websites currently visited. The most common websites are third-party sites that place advertisements on websites visited. These third-party sites may be using cookies. The so-called "session cookies ", this is the information stored during browsing. When IE is disabled, these cookies are also deleted, which is generally harmless.

 

Theme. When Microsoft hasn't launched IE8, I honestly don't like it. This does not come from my prejudice against Microsoft (this company is really great), but from my loyalty to cookies. However, the emergence of IE8 has cast a thick shadow on our beauty. However, before everything becomes very serious, let's take a look at what cookies mean to us and why we need to defend them.

• What are cookies and their functions?

Cookie is a small TXT file on the client end when you browse the Web page. This file stores some things related to the website you visited. When you visit this website for the next time, the cookie will remember the status or settings of your last visit, so that the server can send page-related content accordingly. The information contained in the cookie does not have a standard format, and the specifications of each website server may be different, but it generally includes the Domain Name of the accessed website ), the access start time, the visitor's IP address, and other client information. For example, if you set up a Google page to display several search results and other information, even if you do not log on to your Google account, you will be able to save it during your next visit, this is how you put the relevant information into the cookie during the last visit. For online shopping websites, you have recorded some information such as your shopping cart, storage shelf, and your account name. In addition, some websites will write down your Logon account and password through cookies, so that you will log on automatically next time you open your browser.

 

Of course, if you open the TXT file of the cookie in the system folder, you will not see this information but will only see a mess of characters, because for the sake of security, cookies are generally encrypted and can only be read by the corresponding server. In addition, because cookies are only TXT files, not programs, and are not viruses, they cannot run on their own, and will not affect the operating system and any other computer programs, nor spread through the Internet, therefore, it does not actually constitute a threat to Internet security.

For website analysis, cookie is used to helpEmbedded Code ClassWebsite analysis tools record Website access (visit) and visitor (unique visitor) information, and related monitoring is not possible without cookies. The software that uses server logs for website analysis can perform related analysis without the need for cookies. Therefore, cookies are only valid for embedded code tools. Tools that you are familiar with-Google Analytics, omniture, lxbs, and Webtrends-embedded code edition-all require Cookie placement on the computers of website visitors for monitoring.

• Cookie quantity and Validity Period

The number of cookies is the number of cookies that a website can place on a client. A website does not have to place only one cookie on the client, but multiple different cookies are placed as needed.For website analysis tools, cookies that help monitor visit and help monitor unique visitor cannot be set separately.. For each website (domain), the maximum number of cookies supported by different browsers varies. IE7 and firefox3.0 support 50 cookies for each website, while opera supports 30 cookies. Both 30 and 50 are enough.

Cookie validity period (expiration) is another very important concept and one of the important attributes of cookies. Any Cookie has a validity period. Some cookies are valid for a short period of time. Some cookies expire automatically when the browser is closed, while others are known as "permanent cookies ". In fact, the cookie's validity period is set manually on the server side. It can be set to 1 second, 10 years, or disabled when the browser is closed, based on different situations. A permanent cookie is a cookie with a long validity period, but is not permanent.

The timeliness of cookies is of great significance for website analysis and monitoring. Visit monitoring depends on the cookie's validity period. For example, Google Analytics sets two validity periods for visit cookies. One is 30 minutes, and the other is when the browser is closed. This means that if the visit cookie is not updated within 30 minutes, this cookie becomes invalid-that is why we say that visit is a page browsing process with an interval of no more than 30 minutes,If the time between two page views exceeds 30 minutes, the visit count is increased by 1.. In addition, if you open a website and shut down the browser after reading it for a while, when you open the browser again and re-open the website, even if the two visits did not take more than 30 minutes,It will also be calculated as a new visit,The reason is visit.
The cookie browser disables the end of validity period setting.

Unique Visitor also depends on the cookie's validity period. If the cookie expires on two days, then you will access the same website today and tomorrow. The unique visitor will only be recorded as increasing from 0 to 1. If you come again on the third day, then the unique visitor will increase the count once, for a total of two times. In addition to visit and unique visitor, return visitor, frequency, and other measurements also depend on the cookie's validity period.

• 1st party cookie and 3rd party cookie

 The first-party cookie and third-party cookie are actually a very simple concept, but I searched for some explanations on Baidu. It seems that they are neither clear nor accurate. In fact, the so-called first-party and third-party statements are used to determine the ownership of the cookie, which refers to the domain recorded in the cookie ). For example, if you visit my website www.chinawebanalytics.cn, my website sets a cookie on your computer, and the recorded domain name is also www.chinawebanalytics.cn, therefore, this cookie is the first party and belongs to your website www.chinawebanalytics.cn. If you access the website www.chinawebanalytics.cn, the cookie domain name set on your computer is www.omd.com,This cookie is a third-party cookie., Which belongs to www.omd.com.

This concept is very important for website analysis. For example, you may ask if Google Analytics uses a cookie of 1st party or 3rd party. The answer is first-party. First, Google Analytics's cookies on each monitored site are created by our familiar JavaScript monitoring code. (Yes, JavaScript can also create cookies. That's enough to know, do not need to dig deep). Second,The domain of the created cookie is not analytics.google.com, but the domain of the monitored website.. Therefore,Although this cookie is actually in Google
With the help of analytics, it is also used by Google Analytics (Instead, it cannot be directly used by the "monitored website"). It is still the first-party cookie.

Therefore, the first-party cookie does not need to be set up by a website's own server, and other websites can also be set up for it, the first-party Cookie may not be read by a website itself, but may be read by a third party.The only difference between the first and third parties is: whether the domain name in the cookie is the same as the domain name of the website to be accessed, that is, the first party, or the third party.

This is a confusing concept. I hope you can figure it out after reading the above content.

　　Website analysis and all Internet advertisement monitoring will prefer third-party cookies..The reason is that third-party cookies can be used to monitor cross-site visitor behavior. For example, DoubleClick uses a third-party cookie. This company will create a cookie with the same (only one) domain as DoubleClick for all pages opened with DoubleClick advertisements, as long as you open these web pages, whether or not they belong to the same website, you can view the advertisement behavior DoubleClick. However, the first-party cookie will not work, because the first-party Cookie must use the domain of the monitored website, so that multiple websites will have multiple different cookies, cross-Site browsing cannot be monitored.

For most browsers, third-party cookies are disabled by default because people tend to think that third-party cookies greatly obtain the privacy of people when discussing privacy issues related to cookies, this leads to the widespread distrust and misunderstanding of third-party cookies. However, in fact, all cookies do not disclose any privacy information about the viewer. They only capture browsing behaviors, and third-party cookies are no exception. If everyone is willing to accept third-party cookies, there will be more analysis and optimization solutions provided by website analysis. However, third-party cookies are generally disabled, so there are not many monitoring tools that use third-party cookies. only tools that monitor online advertisements will insist on using third-party cookies.

• What else can I monitor without cookies?

Because third-party cookies are not popular, few website analysis tools use them. However, if no cookie exists, the website analysis tool will barely work. But in fact, if there is no cookie, we can still monitor something. This is PV. Because PV monitoring only triggers JavaScript monitoring Code and is irrelevant to cookies. For example, in omniture, if a client disables a cookie, omniture still records the PV contributed by the client, but cannot record visit at all, this will make the PV/visit monitored by this tool slightly larger than the actual value. When there is no cookie, omniture will return and use the visitor Client IP address to identify different visitors (unique
In this way, the unique visitor can still be monitored after the cookie is disabled. However, because visit cannot be monitored, it is possible that the unique visitor is larger than visit in omniture.

 

　　Without cookies, data is basically lost for other measurements except PV, so I will think that we have nothing to do without cookies.Or the location of visitor and visitor can also be obtained through the IP address. However, this data is very inaccurate because we need cookies.

So, how many clients will disable cookies? I don't have a precise number, but I think there should be about 80% of users using the first cookie, and only about 20% will disable it. Third-party cookies are disabled by default. Therefore, at most 20% of users use them.

With the emergence of IE8, it will certainly further reduce the cookie usage, which will further reduce the number of samples of website analysis data. MeNot ConsideredThis reduces the accuracy of website analysis tools when describing qualitative issues (qualitative issues such as bounce rate, such as time on site, and the ratio of returning visitor to new visitor ), however, an error may occur when describing a quantitative problem, or, more specifically, it may be too small. If more than 50% of users are disabled as cookies are disabled, the original methodology of website analysis will be troublesome. However, I certainly do not believe that the cookie disabling ratio will rise sharply, I am very optimistic-Cookie brings much convenience to people, much greater than the privacy issues raised in some shortcomings. Disabling cookies is more of a psychological comfort (in fact, most of the time it is only a psychological feeling, and there is no practical help for security and privacy ), however, the inconvenience may directly affect your browsing experience.

Therefore, whether it is for our professional, for better user experience, or for the website itself to create more convenient applications, we all have enough reasons to support cookies, oppose Microsoft's Internet Explorer 8 porn browsing model, and defend what we should defend-This represents wisdom and progress. The open letter Eric Peterson wrote to President Obama is worth looking at, representing the strongest voices of all our website analysis practitioners.