Restricted Access to Cookies and Site Data

If you see a message about restricted access to cookies and site data, it is because your current browser has restricted access to cookies and site data for embedded, cross-origin resources such as the Oxygen Feedback commenting component.

Oxygen Feedback is embedded in a website to allow you to add comments. To be able to post comments on an Oxygen Feedback-enabled website, you first need to authenticate using an Oxygen Feedback account.

Oxygen Feedback uses HTTP cookies to authenticate user requests and maintain session information. The cookies are used to store the current user's Session ID on the client side (in the browser).

Because Oxygen Feedback is embedded in an iframe in the site you are visiting and resides on a different domain, it is considered by the browsers to be a cross-origin resource and its session cookie is considered to be a third-party cookie.

The semantics around third-party cookie blocking policies differ from browser to browser, but the core functionality is similar: cross-origin resources embedded in a third-party context are not given access to the same cookies and site storage that they would have access to when loaded in a first-party context.

These cookie blocking policies are known to break embedded cross-origin content that requires access to its first-party storage.

Browsers that restrict access to cookies for embedded, cross-origin sites, provide a way for these sites to gain unrestricted access to their cookies by requesting user consent (see https://developer.mozilla.org/en-US/docs/Web/API/Storage_Access_API).

For example, embedded cross-origin websites would be able to authenticate users who are already logged in to their first-party services.