ITP 2.3

Impact and considerations


Since Safari’s announcement of ITP 2.1 and 2.2 in spring 2019, data-driven marketers and analysts have been considering their options. CNAME cloaking has been a solution adopted by a lot of organizations and data management vendors, but with the latest iteration of Intelligent Tracking Prevention, ITP 2.3, it will soon come to an end.

On November 12, 2020, WebKit announced that they have seen several trackers disguising their cookies as first-party cookies by using domain aliases. WebKit is countering it with the release of an ITP 2.3 update about CNAME cloaking mitigation.

Under the latest ITP 2.3 update, sites that use cookies set in CNAME-cloaked HTTP response will see all their cookie website data deleted after 7 days. Combined with the SameSite=Strict jail attribute, this means trackers won’t be able to use CNAME aliases combined with delayed bounce tracking to track users.

ITP 2.3 thereby shuts down one of the workarounds that have been discussed widely in the business, i.e. CNAME cloaking. Cookie Saver offers a solution that sets first-party cookies as server-set HTTP cookies without resolving to any of the concerned workarounds.

The newest ITP 2.3 update is included in Safari 14 on macOS Big Sur, Catalina, and Mojave, iOS 14, and iPadOS 14.

Make your cookies last longer