this post was submitted on 21 Mar 2024
27 points (100.0% liked)
askchapo
22762 readers
391 users here now
Ask Hexbear is the place to ask and answer ~~thought-provoking~~ questions.
Rules:
-
Posts must ask a question.
-
If the question asked is serious, answer seriously.
-
Questions where you want to learn more about socialism are allowed, but questions in bad faith are not.
-
Try !feedback@hexbear.net if you're having questions about regarding moderation, site policy, the site itself, development, volunteering or the mod team.
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
At the risk of revealing my own illiteracy, I thought that for single sign on it was like, you load the web page and it includes a request to microsoftonline, and the request that your computer sends to microsoftonline includes the sign-in cookie, and then microsoftonline responds to this by sending a unique session token and probably some other stuff to microsoft.com, and then microsoft.com sends the new session token to get stored on your computer.
I'd honestly just kinda assumed that that was more or less how SSO worked so maybe that's wrong though. If it is and I've been talking out of my butt the whole time then please go easy on me.
No you're right, but thats also how tracking cookies would work, including a request back to facebook, or an ad network, or whatever. So that is what firefox is blocking, by partitioning cookies by what site you are actually on, not just what site a request is going to.
Chrome is finally slowly rolling out something similar this year (like they made a big fuss about rolling it out to 1% of users)
So basically we both understood everything from the start but were bad at communicating it?
sounds about right 😅