[nevon]

That's not how it works. Even if you're setting the cookie on your own domain, if you're embedding your site in an iframe on a different domain, you won't be able to read your own cookies from within the iframe after this change.

[pas]

Oh! Could you show the relevant post/source from webkit for this?

After reading the webkit blog post on ITP I had no idea they changed this, but yeah, they are probably going to anyway if haven't yet. Otherwise it'd be too easy game this.

[nevon]

Well, that's how cookies in iframes have always worked. The only difference is that these changes explained in the blog post you mentioned means that since you never interact with the domain in a first-party context, you won't be able to read the cookies while in a third-party context. See the heading "Actions Taken After Classification" in https://webkit.org/blog/7675/intelligent-tracking-prevention...