An update to the Intelligent Tracking Prevention (ITP) used in Safari 14 will cap the expiration of CNAME cloaking cookies to seven days. This works on iOS 14 and iPadOS 14, but on the Mac it’s limited to macOS Big Sur.
Safari 14 and CNAME Cloaking
CNAME cloaking is a method that uses DNS to disguise a third-party tracker as a first-party tracker. It’s a way to circumvent technologies like Intelligent Tracking Prevention, but not anymore in Safari 14.
According to NextDNS, there are currently six major tracking companies that make use of CNAME cloaking:
- Eulerian
- AT Internet
- Keyade
- Adobe Marketing Cloud
- Criteo
- Commanders Act
Websites that use it are also mentioned, like ArsTechnica, Fox News, Walmart, BBC, WebMD, and so on. Now, Intelligent Tracking Prevention can detect third-party CNAME cloaking requests and cap the cookie expiration in the HTTP response to seven days, the same length of time it imposed on certain other resources like script-write able storage.