Occasionally we see perplexed queries
I wish blogger didn't insist on the requirement of third-party cookies in order to comment.or
Why do I have to login each time I access my account?
Many bloggers aren't aware of the various different domains used by Blogger / Google.
Two of the key domains, in this case, are "Blogger.com", and "BlogSpot.com". The first is where we login, and the second is where many of our blogs are published. And now, "Google.com" becomes a third key domain, with the new Google "One account" login being involved.
With a blog published to a custom domain (not to BlogSpot), we have more possibilities. And now, with blog access affected by geographical country, we have even more possibility for confusion.
Each different domain may contain different code, and should be trusted differently.
Cookies used from "blogger.com", to "blogspot.com", are "third party" cookies.
If you (or your reader) are reading a blog hosted in "BlogSpot.com" (or wherever), and a cookie created in "Blogger.com" is needed, the browser will be able to provide the necessary access only if "third party cookies" are enabled, in all filters. Security filters, which include cookie filtering functions, may be present in various locations on the computer, and the network.
Any cookie or script filter, in any location, can affect your use of various Blogger features.
Blogger doesn't use "third party cookies" for fun, or for gratuitous security, they use them because they have cookies created in "Google.com" (when we login to Google) - and used in "Blogger.com" and "BlogSpot.com" (or wherever your blog is published - here, for instance, "nitecruzr.net") when we
- Publish or delete comments.
- Attempt to access private blogs.
- Require Blogger Stats to ignore our own activity.
- Use (look for) the Quick Edit icons on the face of the blog.
By themselves, the popup and separate page comment forms, which use code from "Blogger.com", will not require third party cookies. However, the possibility of CAPTCHA ("word verification") based screening, which runs code from your blog - whatever domain your blog is published in - will require access to third party cookies.
Note the advice on the Settings - Comments - "Show word verification for comments?"
Blog authors will not see word verification for comments.The comment script must check the authentication cookie, to determine if the commenter is a blog author.
All Blogger comment processes require cookies.
Whether inline, popup, or separate page, your comment form, using CAPTCHA based screening, will also require access to third party cookies.
The unfortunate thing about the "third party cookie" issue is that there's no granularity here, in most browsers. If you enable "third party cookies" so a BlogSpot web page can access a Blogger cookie, then any other web page domain can access cookies created in other domains. You enable one "third party cookie" access, you enable all of them.
With an untrusted website, is unwanted cookies really the most serious danger?
This is yet another reason why you should only surf web sites that you should trust. If you don't trust a given web page to not abuse your computer, and to only access what cookies it should, why are you there in the first place? Always be aware of how reliable are the websites that you surf.