Best IT Recipes

How do online advertisers use third-party cookies?

If a given web server can only read cookies from those set in its own domain, how do online advertisers track user web traffic from websites outside their network?

Is there some kind of global supercookie advertising system that allows advertisers to extract top-level cookies and then request some servers (from an affiliate) that stores information about where this user was?

Update:

To clarify my question, is it possible for an advertiser to post ads to "example2.com" to make sure I visited the specific site "example1.com" if they never showed an ad on the page from "example1". com "?

+10
cookies advertising tracking ads
Jan 09 2018-12-12T00:
source share
1 answer

No need for supercooks. Each server reads its own domain cookies. Servers pass information to each other through URLs. (Or, less commonly, through return channels.)

For example, let's say you go to example.com . You have an example.com cookie that reads user=1032354 . You retrieve http://www.example.com . Of course, you send your cookie to the web server, which displays the following data on the web page:

 <IMG href="http://www.advertiser.exmaple/add.cgi?source=example.com&user=1032354">

Of course, when your browser goes to www.advertiser.example to receive an image, it will happily send an advertiser.example cookie. The advertiser.example server now knows which user you are on your site (from the cookie you sent) and which user you are on example.com (from the URL).

Using the backchannel method, it works something like this:

1) Go to www.example.com and send it to the example.com file.

2) The web server at example.com receives your user ID from the cookie and sends a JSON request to advertiser.example to create a session for you. He passes him your user ID example.com .

3) The web server displays an image link to advertiser.example with the session identifier created in step 2.

4) When your browser connects to advertiser.example , it sends the cookie advertiser.example in the headers and the session identifier in the URL.

5) The advertiser.example server can now associate your session with its own user account and your user account in example.com and can display the corresponding advertisement.

This can also be done through referrers.

Update . The main sites do not require a cookie. A single advertiser cookie will be used.

1) You go to the site, you do not send cookies. The site assigns you a new session.

2) The web page has an embedded image link to the advertiser's website with a session embedded in the URL.

3) You get the embedded image by sending the session identifier (to the URL) and your cookie (for the advertiser's site).

4) Now the advertiser associates your session on the main site with your account in its database. It links this to the website’s web server through a return channel built into the URL or other means.

+19
Jan 09 '12 at 20:51
source share


More articles:


All Articles