The impact of Google 80 release on MyAffiliates

Many people have been asking us the impact, if any, of the new release of Google Chrome 80 will have on their MyAffiliates tracking.

Chrome 80 includes a “secure-by-default” cookie policy to help prevent cross-site scripting vulnerabilities.

For non-technical people, cross-site scripting vulnerabilities is explained simply here:

This change covers two cases of insecurity:

  1. The browser will only accept cookies over HTTPS — I.e. it will reject cookies set from a HTTP site.
  2. The browser will not accept a cookie from Web Site A if the request was triggered from Web Site B (such as when using JavaScript to make a background request.)

This change will have no impact on MyAffiliates banner serving and click tracking as neither of these systems have a dependency on cookies for tracking, and all our web services are using HTTPS.

However, you may like to consult with your team that manages your customer signups to check how they capture and store the MyAffiliates Tracking Token. For peace of mind, they may like to test the workflow of tracking a Customer with Chrome 80.