COOKIEGUARD: Characterizing and Isolating the First-Party Cookie Jar

As third-party cookies are being phased out or restricted by major browsers, first-party cookies are increasingly repurposed for tracking. Prior work has shown that third-party scripts embedded in the main frame can access and exfiltrate first-party cookies, including those set by other third-party scripts. However, existing browser security mechanisms, such as the Same-Origin Policy, Content Security Policy, and third-party storage partitioning, do not prevent this type of cross-domain interaction within the main frame. While recent studies have begun to highlight this issue, there remains a lack of comprehensive measurement and practical defenses.