Third party cookies must be blocked

From Google Chrome v23 Windows STIG

Part of DTBC0015 - Block third party cookies

Associated with IA controls: ECSC-1

Associated with: CCI-001588

SV-47049r1_rule Third party cookies must be blocked

Vulnerability discussion

"Blocks third party cookies. Enabling this setting prevents cookies from being set by web page elements that are not from the domain that is in the browser's address bar. Disabling this setting allows cookies to be set by web page elements that are not from the domain that is in the browser's address bar and prevents users from changing this setting. If this policy is left not set, third party cookies will be enabled but the user will be able to change that." - Google Chrome Administrators Policy List

Check content

Fix text

Valid for Chrome Browser version 10 or later. Windows registry: Key Path: HKLM\Software\Policies\Google\Chrome\ Value Name: BlockThirdPartyCookies Value Type: Boolean (REG_DWORD) Value Data: 1 Windows group policy: Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\ Policy Name: Block third party cookies Policy State: Enabled Policy Value: N/A

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer