>Without 3P cookies widgets like Disqus cannot track (and automatically sign-in) user across different websites, but everything else including posting comments or liking them should work, you just need to sign-in on every website instead of doing it once.

I feel like I don't understand what a 3P cookie is, then. Isn't Disqus a third-party service? Doesn't it use a cookie to know you have signed in?

If you put a Disqus comment form or Google Analytics in your website, wouldn't you need a cookie popup to comply with GDPR and similar regulations that regulate sending user data to third-parties?

Is 3P cookie supposed to be about the domain of the cookie? But then can a script from one domain like GA set a cookie in a different domain like of a website that uses GA? That doesn't sound right, considering you can't do this server side.

Can you help me understand how would it work for it not to be a 3P cookie?

> Isn't Disqus a third-party service? Doesn't it use a cookie to know you have signed in?

Let's say Disqus JS code is embedded on a site A. Then it can set cookies for that domain. So when you enter your Disqus login and password on site A, it can send a request to Disqus server, obtain authorization token and save it in cookies for domain A. This way you will be recognized every time you visit site A.

This means that operators of site A may access those cookies too, but I don't see any problem here - it's their site anyway.

> If you put a Disqus comment form or Google Analytics in your website, wouldn't you need a cookie popup to comply with GDPR and similar regulations that regulate sending user data to third-parties?

Probably you need.

> Is 3P cookie supposed to be about the domain of the cookie?

3P cookie means that when site A includes content from site B (image, iframes) then the browser will send domain B's cookies with the request for that content. This means that if content from site B is included on 100 different websites, site B can track the user across them using cookies.

So when you sign into Disqus, it can recognize (and track your actions) you on any site using Disqus widget.

When 3P cookies are disabled, requests for content embedded from other sites like B, will be anonymous and without cookies. You will have to log into Disqus for every site where you want to leave a comment.

I see. That's a bit ironic. Cookies use useful because you don't need to use URL query parameters all the time. So what they are doing is taking the session token that would be sent in the Disqus domain cookie and storing it as an embedder's cookie, then using Javascript to put the cookie data in URL's / requests. In fact, "cookie" is probably not even a good method to do this since it will get send in embedder's requests. You could just use localstorage for it.

I've always found the negative effects of 3P cookies, the creepiness of being logged in on every site and ads following you around, to be symptoms of other problems (using the same browser profile for everything you do, a culture of not paying for websites so they have to rely on ads for monetization), so I'm not sure if this is a great solution to the actual problems.

But I guess it does make the internet better for the average person.

It's not surprising that there are legit uses like this for 3P cookies, and that the cons probably outweigh the pros. Browsers already stopped allowing cross-site caching for similar reasons years ago, which I'd say comes at a bigger cost.