Nightly Builds

(default settings)
brave logo
brave
1.66
chrome logo
chrome
124.0
duckduckgo logo
duckduckgo
1.58
edge logo
edge
124.0
firefox logo
firefox
124.0a1
opera logo
opera
110.0
safari logo
safari
17.4
tor logo
tor
13.5a5
vivaldi logo
vivaldi
6.6
State Partitioning testsWhich browsers isolate websites to prevent them from sharing data to track you?
A common vulnerability of web browsers is that they allow tracking companies to 'tag' your browser with some data ('state') that identifies you. When third-party trackers are embedded in websites, they can see this identifying data as you browse to different websites. Fortunately, it is possible for this category of leaks to be fixed by partitioning all data stored in the browser such that no data can be shared between websites.
        
Alt-Svc
Alt-Svc allows the server to indicate to the web browser that a resource should be loaded on a different server. Because this is a persistent setting, it could be used to track users across websites if it is not correctly partitioned.
              
Passed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same first party: h3

result, different first party: h2

unsupported: false

passed: true

test failed: false
Passed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same first party: h3

result, different first party: h2

unsupported: false

passed: true

test failed: false
Unsupported
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same first party: Error: Unsupported

result, different first party: h3

unsupported: true

passed: undefined

test failed: false
Passed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same first party: h3

result, different first party: h2

unsupported: false

passed: true

test failed: false
Passed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same first party: h3

result, different first party: h2

unsupported: false

passed: true

test failed: false
Passed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same first party: h3

result, different first party: h2

unsupported: false

passed: true

test failed: false
Unsupported
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same first party: Error: Unsupported

result, different first party: h3

unsupported: true

passed: undefined

test failed: false
Unsupported
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same first party: Error: Unsupported

result, different first party: h2

unsupported: true

passed: undefined

test failed: false
Passed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same first party: h3

result, different first party: h2

unsupported: false

passed: true

test failed: false
blob
A 'blob URL' is a local reference to some raw data. Trackers can use a blob URL to share data between websites.
              
Passed
write: (secret) => {
      try {
        let blobURL = URL.createObjectURL(new Blob([secret]));
        fetch(`${baseURI}blob?mode=write&key=${secret}&blobUrl=${encodeURIComponent(blobURL)}`);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async (secret) => {
      let response = await fetch(`${baseURI}blob?mode=read&key=${secret}`);
      let result = await response.json();
      let blobUrl = decodeURIComponent(result.blobUrl);
      let blobResponse = await fetch(blobUrl);
      return blobResponse.text();
    }

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: Error: Failed to fetch

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => {
      try {
        let blobURL = URL.createObjectURL(new Blob([secret]));
        fetch(`${baseURI}blob?mode=write&key=${secret}&blobUrl=${encodeURIComponent(blobURL)}`);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async (secret) => {
      let response = await fetch(`${baseURI}blob?mode=read&key=${secret}`);
      let result = await response.json();
      let blobUrl = decodeURIComponent(result.blobUrl);
      let blobResponse = await fetch(blobUrl);
      return blobResponse.text();
    }

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => {
      try {
        let blobURL = URL.createObjectURL(new Blob([secret]));
        fetch(`${baseURI}blob?mode=write&key=${secret}&blobUrl=${encodeURIComponent(blobURL)}`);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async (secret) => {
      let response = await fetch(`${baseURI}blob?mode=read&key=${secret}`);
      let result = await response.json();
      let blobUrl = decodeURIComponent(result.blobUrl);
      let blobResponse = await fetch(blobUrl);
      return blobResponse.text();
    }

result, same first party: 8dcf3049-0641-4832-bc66-2373dea8b2ff

result, different first party: Error: Load failed

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => {
      try {
        let blobURL = URL.createObjectURL(new Blob([secret]));
        fetch(`${baseURI}blob?mode=write&key=${secret}&blobUrl=${encodeURIComponent(blobURL)}`);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async (secret) => {
      let response = await fetch(`${baseURI}blob?mode=read&key=${secret}`);
      let result = await response.json();
      let blobUrl = decodeURIComponent(result.blobUrl);
      let blobResponse = await fetch(blobUrl);
      return blobResponse.text();
    }

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => {
      try {
        let blobURL = URL.createObjectURL(new Blob([secret]));
        fetch(`${baseURI}blob?mode=write&key=${secret}&blobUrl=${encodeURIComponent(blobURL)}`);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async (secret) => {
      let response = await fetch(`${baseURI}blob?mode=read&key=${secret}`);
      let result = await response.json();
      let blobUrl = decodeURIComponent(result.blobUrl);
      let blobResponse = await fetch(blobUrl);
      return blobResponse.text();
    }

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243

result, different first party: Error: NetworkError when attempting to fetch resource.

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => {
      try {
        let blobURL = URL.createObjectURL(new Blob([secret]));
        fetch(`${baseURI}blob?mode=write&key=${secret}&blobUrl=${encodeURIComponent(blobURL)}`);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async (secret) => {
      let response = await fetch(`${baseURI}blob?mode=read&key=${secret}`);
      let result = await response.json();
      let blobUrl = decodeURIComponent(result.blobUrl);
      let blobResponse = await fetch(blobUrl);
      return blobResponse.text();
    }

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => {
      try {
        let blobURL = URL.createObjectURL(new Blob([secret]));
        fetch(`${baseURI}blob?mode=write&key=${secret}&blobUrl=${encodeURIComponent(blobURL)}`);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async (secret) => {
      let response = await fetch(`${baseURI}blob?mode=read&key=${secret}`);
      let result = await response.json();
      let blobUrl = decodeURIComponent(result.blobUrl);
      let blobResponse = await fetch(blobUrl);
      return blobResponse.text();
    }

result, same first party: e54f56ee-527d-4b84-847f-9120b105376f

result, different first party: Error: Load failed

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => {
      try {
        let blobURL = URL.createObjectURL(new Blob([secret]));
        fetch(`${baseURI}blob?mode=write&key=${secret}&blobUrl=${encodeURIComponent(blobURL)}`);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async (secret) => {
      let response = await fetch(`${baseURI}blob?mode=read&key=${secret}`);
      let result = await response.json();
      let blobUrl = decodeURIComponent(result.blobUrl);
      let blobResponse = await fetch(blobUrl);
      return blobResponse.text();
    }

result, same first party: 80df2b1d-cc96-4f9a-8af8-418737aa9557

result, different first party: Error: NetworkError when attempting to fetch resource.

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => {
      try {
        let blobURL = URL.createObjectURL(new Blob([secret]));
        fetch(`${baseURI}blob?mode=write&key=${secret}&blobUrl=${encodeURIComponent(blobURL)}`);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async (secret) => {
      let response = await fetch(`${baseURI}blob?mode=read&key=${secret}`);
      let result = await response.json();
      let blobUrl = decodeURIComponent(result.blobUrl);
      let blobResponse = await fetch(blobUrl);
      return blobResponse.text();
    }

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

unsupported: false

passed: false

test failed: false
BroadcastChannel
A BroadcastChannel is designed to send messages between tabs. In some browsers it can be used for cross-site communication and tracking.
              
Passed
write: (secret) => {
      try {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data === "request") {
            bc.postMessage(secret);
          }
        };
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () =>
      new Promise((resolve, reject) => {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data !== "request") {
            resolve(event.data);
          }
        };
        bc.postMessage("request");
        setTimeout(() => reject({message: "no BroadcastChannel message"}), 3000);
      })

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: Error: no BroadcastChannel message

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => {
      try {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data === "request") {
            bc.postMessage(secret);
          }
        };
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () =>
      new Promise((resolve, reject) => {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data !== "request") {
            resolve(event.data);
          }
        };
        bc.postMessage("request");
        setTimeout(() => reject({message: "no BroadcastChannel message"}), 3000);
      })

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: Error: no BroadcastChannel message

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => {
      try {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data === "request") {
            bc.postMessage(secret);
          }
        };
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () =>
      new Promise((resolve, reject) => {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data !== "request") {
            resolve(event.data);
          }
        };
        bc.postMessage("request");
        setTimeout(() => reject({message: "no BroadcastChannel message"}), 3000);
      })

result, same first party: 8dcf3049-0641-4832-bc66-2373dea8b2ff

result, different first party: Error: no BroadcastChannel message

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => {
      try {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data === "request") {
            bc.postMessage(secret);
          }
        };
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () =>
      new Promise((resolve, reject) => {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data !== "request") {
            resolve(event.data);
          }
        };
        bc.postMessage("request");
        setTimeout(() => reject({message: "no BroadcastChannel message"}), 3000);
      })

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: Error: no BroadcastChannel message

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => {
      try {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data === "request") {
            bc.postMessage(secret);
          }
        };
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () =>
      new Promise((resolve, reject) => {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data !== "request") {
            resolve(event.data);
          }
        };
        bc.postMessage("request");
        setTimeout(() => reject({message: "no BroadcastChannel message"}), 3000);
      })

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243

result, different first party: Error: no BroadcastChannel message

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => {
      try {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data === "request") {
            bc.postMessage(secret);
          }
        };
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () =>
      new Promise((resolve, reject) => {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data !== "request") {
            resolve(event.data);
          }
        };
        bc.postMessage("request");
        setTimeout(() => reject({message: "no BroadcastChannel message"}), 3000);
      })

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: Error: no BroadcastChannel message

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => {
      try {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data === "request") {
            bc.postMessage(secret);
          }
        };
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () =>
      new Promise((resolve, reject) => {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data !== "request") {
            resolve(event.data);
          }
        };
        bc.postMessage("request");
        setTimeout(() => reject({message: "no BroadcastChannel message"}), 3000);
      })

result, same first party: e54f56ee-527d-4b84-847f-9120b105376f

result, different first party: Error: no BroadcastChannel message

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => {
      try {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data === "request") {
            bc.postMessage(secret);
          }
        };
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () =>
      new Promise((resolve, reject) => {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data !== "request") {
            resolve(event.data);
          }
        };
        bc.postMessage("request");
        setTimeout(() => reject({message: "no BroadcastChannel message"}), 3000);
      })

result, same first party: 80df2b1d-cc96-4f9a-8af8-418737aa9557

result, different first party: Error: The operation is insecure.

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => {
      try {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data === "request") {
            bc.postMessage(secret);
          }
        };
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () =>
      new Promise((resolve, reject) => {
        let bc = new BroadcastChannel("secrets");
        bc.onmessage = (event) => {
          if (event.data !== "request") {
            resolve(event.data);
          }
        };
        bc.postMessage("request");
        setTimeout(() => reject({message: "no BroadcastChannel message"}), 3000);
      })

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: Error: no BroadcastChannel message

unsupported: false

passed: true

test failed: false
CacheStorage
The Cache API is a content storage mechanism originally introduced to support ServiceWorkers. If the same Cache object is accessible to multiple websites, it can be abused to track users.
              
Passed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: Error: Cannot read properties of undefined (reading 'url')

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: Error: Cannot read properties of undefined (reading 'url')

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same first party: 8dcf3049-0641-4832-bc66-2373dea8b2ff

result, different first party: Error: undefined is not an object (evaluating 'cacheKeys[0].url')

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: Error: Cannot read properties of undefined (reading 'url')

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243

result, different first party: Error: can't access property "url", cacheKeys[0] is undefined

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: Error: Cannot read properties of undefined (reading 'url')

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same first party: c29ade6f-6e91-4000-9582-ca243d4f2894

result, different first party: Error: undefined is not an object (evaluating 'cacheKeys[0].url')

unsupported: false

passed: true

test failed: false
Unsupported
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same first party: Error: The operation is insecure.

result, different first party: Error: The operation is insecure.

unsupported: true

passed: undefined

test failed: false
Passed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: Error: Cannot read properties of undefined (reading 'url')

unsupported: false

passed: true

test failed: false
cookie (HTTP)
The cookie, first introduced by Netscape in 1994, is a small amount of data stored by your browser on a website's behalf. It has legitimate uses, but it is also the classic cross-site tracking mechanism, and today still the most popular method of tracking users across websites. Browsers can stop cookies from being used for cross-site tracking by either blocking or partitioning them.
              
Passed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_http

result, different first party: null

unsupported: false

passed: true

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167_http

result, different first party: eac80989-abd5-4d75-ab7d-bc4b3f378167_http

unsupported: false

passed: false

test failed: false
Passed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same first party: 8dcf3049-0641-4832-bc66-2373dea8b2ff_http

result, different first party: null

unsupported: false

passed: true

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_http

result, different first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_http

unsupported: false

passed: false

test failed: false
Passed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243_http

result, different first party: null

unsupported: false

passed: true

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0_http

result, different first party: e91cf262-3db2-4ce2-9312-b912493f0ef0_http

unsupported: false

passed: false

test failed: false
Passed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same first party: e54f56ee-527d-4b84-847f-9120b105376f_http

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same first party: 80df2b1d-cc96-4f9a-8af8-418737aa9557_http

result, different first party: null

unsupported: false

passed: true

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_http

result, different first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_http

unsupported: false

passed: false

test failed: false
cookie (JS)
The cookie, first introduced by Netscape in 1994, is a small amount of data stored by your browser on a website's behalf. It has legitimate uses, but it is also the classic cross-site tracking mechanism, and today still the most popular method of tracking users across websites. Browsers can stop cookies from being used for cross-site tracking by either blocking or partitioning them.
              
Passed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_js

result, different first party: null

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167_js

result, different first party: eac80989-abd5-4d75-ab7d-bc4b3f378167_js

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same first party: 8dcf3049-0641-4832-bc66-2373dea8b2ff_js

result, different first party: null

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_js

result, different first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_js

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243_js

result, different first party: null

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0_js

result, different first party: e91cf262-3db2-4ce2-9312-b912493f0ef0_js

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same first party: e54f56ee-527d-4b84-847f-9120b105376f_js

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same first party: 80df2b1d-cc96-4f9a-8af8-418737aa9557_js

result, different first party: null

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_js

result, different first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_js

unsupported: false

passed: false

test failed: false
CookieStore
The Cookie Store API is an alternative asynchronous API for managing cookies, supported by some browsers.
              
Passed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: null

unsupported: false

passed: true

test failed: false
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

unsupported: false

passed: false

test failed: false
Unsupported
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same first party: Error: Unsupported

result, different first party: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

unsupported: false

passed: false

test failed: false
Unsupported
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same first party: Error: Unsupported

result, different first party: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

unsupported: false

passed: false

test failed: false
Unsupported
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same first party: Error: Unsupported

result, different first party: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Unsupported
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same first party: Error: Unsupported

result, different first party: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

unsupported: false

passed: false

test failed: false
CSS cache
CSS stylesheets are cached, and if that cache is shared between websites, it can be used to track users across sites.
              
Passed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same first party: fake_7084186771363319

result, different first party: fake_2272268145888534

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same first party: fake_21618859912707467

result, different first party: fake_6085189803194619

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same first party: fake_09015397484328402

result, different first party: fake_723254404909278

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same first party: fake_069659341979881

result, different first party: fake_44882225731218006

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same first party: fake_20560520785469372

result, different first party: fake_8807832781452121

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same first party: fake_4695818784434147

result, different first party: fake_23259600374557454

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same first party: fake_28830244094653334

result, different first party: fake_027602366614611462

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same first party: fake_7501252736103019

result, different first party: fake_09433906170588457

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same first party: fake_5008356581461926

result, different first party: fake_6992584555094215

unsupported: false

passed: true

test failed: false
favicon cache
A favicon is an icon that represents a website, typically shown in browser tab and bookmarks menu. If the favicon cache is not partitioned, it can be used to track users across websites.
              
Passed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same first party: 1

result, different first party: 1

unsupported: false

passed: false

test failed: false
Passed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same first party: 2

result, different first party: 3

unsupported: false

passed: true

test failed: false
fetch cache
When a resource is received via the Fetch API, it is frequently cached. That cache can potentially be abused for cross-site tracking.
              
Passed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 2

result, different first party: 3

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
font cache
Web fonts are sometimes stored in their own cache, which is vulnerable to being abused for cross-site tracking.
              
Passed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 2

result, different first party: 3

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 2

result, different first party: 3

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
getDirectory
navigator.storage.getDirectory exposes a location for storing files to web content. In some cases, these files may be shared across tabs.
              
Passed
write: async (secret) => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt", { create: true });
        const stream = await fileHandle.createWritable();
        await stream.write(secret);
        await stream.close();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt");
        const file = await fileHandle.getFile();
        return file.text();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt", { create: true });
        const stream = await fileHandle.createWritable();
        await stream.write(secret);
        await stream.close();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt");
        const file = await fileHandle.getFile();
        return file.text();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
Unsupported
write: async (secret) => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt", { create: true });
        const stream = await fileHandle.createWritable();
        await stream.write(secret);
        await stream.close();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt");
        const file = await fileHandle.getFile();
        return file.text();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

result, same first party: 

result, different first party: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Passed
write: async (secret) => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt", { create: true });
        const stream = await fileHandle.createWritable();
        await stream.write(secret);
        await stream.close();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt");
        const file = await fileHandle.getFile();
        return file.text();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt", { create: true });
        const stream = await fileHandle.createWritable();
        await stream.write(secret);
        await stream.close();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt");
        const file = await fileHandle.getFile();
        return file.text();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt", { create: true });
        const stream = await fileHandle.createWritable();
        await stream.write(secret);
        await stream.close();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt");
        const file = await fileHandle.getFile();
        return file.text();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
Unsupported
write: async (secret) => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt", { create: true });
        const stream = await fileHandle.createWritable();
        await stream.write(secret);
        await stream.close();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt");
        const file = await fileHandle.getFile();
        return file.text();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

result, same first party: 

result, different first party: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Unsupported
write: async (secret) => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt", { create: true });
        const stream = await fileHandle.createWritable();
        await stream.write(secret);
        await stream.close();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt");
        const file = await fileHandle.getFile();
        return file.text();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

result, same first party: Error: Unsupported

result, different first party: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Passed
write: async (secret) => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt", { create: true });
        const stream = await fileHandle.createWritable();
        await stream.write(secret);
        await stream.close();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      try {
        const root = await navigator.storage.getDirectory();
        const fileHandle = await root.getFileHandle("secret.txt");
        const file = await fileHandle.getFile();
        return file.text();
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
H1 connection
HTTP/1.x are the classic web connection protocols. If these connections are re-used across websites, they can be used to track users.
              
Passed
write: async (secret) => {
      await fetch(`https://h1.privacytests2.org:8901/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h1.privacytests2.org:8901/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h1.privacytests2.org:8901/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h1.privacytests2.org:8901/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h1.privacytests2.org:8901/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h1.privacytests2.org:8901/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: 8dcf3049-0641-4832-bc66-2373dea8b2ff

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h1.privacytests2.org:8901/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h1.privacytests2.org:8901/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h1.privacytests2.org:8901/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h1.privacytests2.org:8901/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h1.privacytests2.org:8901/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h1.privacytests2.org:8901/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h1.privacytests2.org:8901/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h1.privacytests2.org:8901/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: e54f56ee-527d-4b84-847f-9120b105376f

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h1.privacytests2.org:8901/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h1.privacytests2.org:8901/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: 80df2b1d-cc96-4f9a-8af8-418737aa9557

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h1.privacytests2.org:8901/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h1.privacytests2.org:8901/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: 

unsupported: false

passed: true

test failed: false
H2 connection
HTTP/2 is a web connection protocol introduced in 2015. Some browsers re-use HTTP/2 connections across websites and can thus be used to track users.
              
Passed
write: async (secret) => {
      await fetch(`https://h2.privacytests2.org:8902/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h2.privacytests2.org:8902/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h2.privacytests2.org:8902/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h2.privacytests2.org:8902/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h2.privacytests2.org:8902/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h2.privacytests2.org:8902/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: 8dcf3049-0641-4832-bc66-2373dea8b2ff

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h2.privacytests2.org:8902/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h2.privacytests2.org:8902/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h2.privacytests2.org:8902/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h2.privacytests2.org:8902/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h2.privacytests2.org:8902/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h2.privacytests2.org:8902/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h2.privacytests2.org:8902/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h2.privacytests2.org:8902/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: e54f56ee-527d-4b84-847f-9120b105376f

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h2.privacytests2.org:8902/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h2.privacytests2.org:8902/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: 80df2b1d-cc96-4f9a-8af8-418737aa9557

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      await fetch(`https://h2.privacytests2.org:8902/?mode=write&secret=${secret}`, {cache: "no-store"});
    }

read: async () => {
      let response = await fetch(`https://h2.privacytests2.org:8902/?mode=read`, {cache: "no-store"});
      return await response.text();
    }

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: 

unsupported: false

passed: true

test failed: false
H3 connection
HTTP/3 is a new standard HTTP connection protocol, still in draft but widely supported by browsers. If it is not partitioned, it can be used to track users across websites.
              
Passed
write: async (secret) => {
      // Ensure that we can switch over to h3 via alt-svc:
      for (let i = 0; i<3; ++i) {
        await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
        await sleepMs(500);
      }
      // Are we now connecting over h3?
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
      let text = await response.text();
      // Empty response text indicates we are not connecting over h3:
      if (text.trim() === "") {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`);
      return await response.text();
    }

result, same first party: cda8b990c968a783d790834770c8106a

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      // Ensure that we can switch over to h3 via alt-svc:
      for (let i = 0; i<3; ++i) {
        await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
        await sleepMs(500);
      }
      // Are we now connecting over h3?
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
      let text = await response.text();
      // Empty response text indicates we are not connecting over h3:
      if (text.trim() === "") {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`);
      return await response.text();
    }

result, same first party: bc7bb090ba7241b3ba229223dc8617df

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      // Ensure that we can switch over to h3 via alt-svc:
      for (let i = 0; i<3; ++i) {
        await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
        await sleepMs(500);
      }
      // Are we now connecting over h3?
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
      let text = await response.text();
      // Empty response text indicates we are not connecting over h3:
      if (text.trim() === "") {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`);
      return await response.text();
    }

result, same first party: 985d1c56c0f012885dd851fc876483ec

result, different first party: 97525ec66818ffd152170115d636edf8

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      // Ensure that we can switch over to h3 via alt-svc:
      for (let i = 0; i<3; ++i) {
        await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
        await sleepMs(500);
      }
      // Are we now connecting over h3?
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
      let text = await response.text();
      // Empty response text indicates we are not connecting over h3:
      if (text.trim() === "") {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`);
      return await response.text();
    }

result, same first party: f27d550b5594e10d63b26594a7189ca9

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      // Ensure that we can switch over to h3 via alt-svc:
      for (let i = 0; i<3; ++i) {
        await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
        await sleepMs(500);
      }
      // Are we now connecting over h3?
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
      let text = await response.text();
      // Empty response text indicates we are not connecting over h3:
      if (text.trim() === "") {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`);
      return await response.text();
    }

result, same first party: 3f627d4365f2252859641bbc2f6684fb

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      // Ensure that we can switch over to h3 via alt-svc:
      for (let i = 0; i<3; ++i) {
        await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
        await sleepMs(500);
      }
      // Are we now connecting over h3?
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
      let text = await response.text();
      // Empty response text indicates we are not connecting over h3:
      if (text.trim() === "") {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`);
      return await response.text();
    }

result, same first party: 284c99850ada91874e9986cac8ee2fae

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      // Ensure that we can switch over to h3 via alt-svc:
      for (let i = 0; i<3; ++i) {
        await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
        await sleepMs(500);
      }
      // Are we now connecting over h3?
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
      let text = await response.text();
      // Empty response text indicates we are not connecting over h3:
      if (text.trim() === "") {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`);
      return await response.text();
    }

result, same first party: 5a8300c423ffdf71339d83050a0e2d5b

result, different first party: 68236f85cb634fe16c1f8e6e0b6be6ab

unsupported: false

passed: true

test failed: false
Unsupported
write: async (secret) => {
      // Ensure that we can switch over to h3 via alt-svc:
      for (let i = 0; i<3; ++i) {
        await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
        await sleepMs(500);
      }
      // Are we now connecting over h3?
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
      let text = await response.text();
      // Empty response text indicates we are not connecting over h3:
      if (text.trim() === "") {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`);
      return await response.text();
    }

result, same first party: 

result, different first party: 

unsupported: true

passed: undefined

test failed: false
Passed
write: async (secret) => {
      // Ensure that we can switch over to h3 via alt-svc:
      for (let i = 0; i<3; ++i) {
        await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
        await sleepMs(500);
      }
      // Are we now connecting over h3?
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`, {cache: "no-store"});
      let text = await response.text();
      // Empty response text indicates we are not connecting over h3:
      if (text.trim() === "") {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let response = await fetch(`https://h3.privacytests2.org:4434/connection_id`);
      return await response.text();
    }

result, same first party: acf19d1e85798ac8935bb15d5539da44

result, different first party: 

unsupported: false

passed: true

test failed: false
HSTS cache
The HTTP Strict-Transport-Security response header allows a website to signal that it should only be accessed via HTTPS. The browser remembers this directive in a database, but if this database is not partitioned, then it can be used to track users across websites."
              
Passed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Used http

unsupported: false

passed: true

test failed: false
Failed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Upgraded to https

unsupported: false

passed: false

test failed: false
Passed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Used http

unsupported: false

passed: true

test failed: false
Failed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Upgraded to https

unsupported: false

passed: false

test failed: false
Passed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Used http

unsupported: false

passed: true

test failed: false
Failed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Upgraded to https

unsupported: false

passed: false

test failed: false
Passed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Used http

unsupported: false

passed: true

test failed: false
Passed
write: null

read: null

result, same first party: null

result, different first party: HTTPS used by default; no HSTS cache issue expected

unsupported: null

passed: true

test failed: false
Failed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Upgraded to https

unsupported: false

passed: false

test failed: false
HSTS cache (fetch)
The HTTP Strict-Transport-Security response header allows a website to signal that it should only be accessed via HTTPS. The browser remembers this directive in a database, but if this database is not partitioned, then it can be used to track users across websites."
              
Passed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Used http

unsupported: false

passed: true

test failed: false
Failed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Upgraded to https

unsupported: false

passed: false

test failed: false
Passed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Used http

unsupported: false

passed: true

test failed: false
Failed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Upgraded to https

unsupported: false

passed: false

test failed: false
Passed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Used http

unsupported: false

passed: true

test failed: false
Failed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Upgraded to https

unsupported: false

passed: false

test failed: false
Passed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Used http

unsupported: false

passed: true

test failed: false
Passed
write: null

read: null

result, same first party: null

result, different first party: HTTPS used by default; no HSTS cache issue expected

unsupported: null

passed: true

test failed: false
Failed
write: set HSTS flag

read: read HSTS flag

result, same first party: not tested

result, different first party: Upgraded to https

unsupported: false

passed: false

test failed: false
iframe cache
An iframe is an element in a web page than allows websites to embed a second web page. Caching of this web page could be abused for cross-site tracking.
              
Passed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
image cache
Caching of images in web browsers is a standard behavior. But if that cache leaks between websites, it can be abused for cross-site tracking.
              
Passed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 2

result, different first party: 3

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 2

result, different first party: 3

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
indexedDB
The IndexedDB API exposes a transactional database to web pages. That database can be used to track users across websites, unless it is partitioned.
              
Passed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: undefined

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: undefined

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same first party: 8dcf3049-0641-4832-bc66-2373dea8b2ff

result, different first party: undefined

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: undefined

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243

result, different first party: undefined

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: undefined

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same first party: e54f56ee-527d-4b84-847f-9120b105376f

result, different first party: undefined

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same first party: 80df2b1d-cc96-4f9a-8af8-418737aa9557

result, different first party: Error: The operation is insecure.

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: undefined

unsupported: false

passed: true

test failed: false
localStorage
The localStorage API gives websites access to a key-value database that will remain available across visits. If the localStorage API is not partitioned or blocked, it can also be used to track users across websites.
              
Passed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same first party: 8dcf3049-0641-4832-bc66-2373dea8b2ff

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same first party: e54f56ee-527d-4b84-847f-9120b105376f

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same first party: 80df2b1d-cc96-4f9a-8af8-418737aa9557

result, different first party: Error: The operation is insecure.

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: null

unsupported: false

passed: true

test failed: false
locks
navigator.locks (only supported in some browsers) allows scripts on multiple tabs to coordinate. If this API is not partitioned, it can be used for cross-site tracking.
              
Passed
write: async (key) => {
      if (navigator.locks) {
        navigator.locks.request(key, lock => new Promise((f,r) => {}));
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].clientId;
      } else {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      if (navigator.locks) {
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].name;
      }
    }

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: Error: Cannot read properties of undefined (reading 'name')

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      if (navigator.locks) {
        navigator.locks.request(key, lock => new Promise((f,r) => {}));
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].clientId;
      } else {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      if (navigator.locks) {
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].name;
      }
    }

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: Error: Cannot read properties of undefined (reading 'name')

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      if (navigator.locks) {
        navigator.locks.request(key, lock => new Promise((f,r) => {}));
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].clientId;
      } else {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      if (navigator.locks) {
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].name;
      }
    }

result, same first party: 8dcf3049-0641-4832-bc66-2373dea8b2ff

result, different first party: Error: undefined is not an object (evaluating 'queryResult.held[0].name')

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      if (navigator.locks) {
        navigator.locks.request(key, lock => new Promise((f,r) => {}));
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].clientId;
      } else {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      if (navigator.locks) {
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].name;
      }
    }

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: Error: Cannot read properties of undefined (reading 'name')

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      if (navigator.locks) {
        navigator.locks.request(key, lock => new Promise((f,r) => {}));
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].clientId;
      } else {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      if (navigator.locks) {
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].name;
      }
    }

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243

result, different first party: Error: LockManager.query: query() is not allowed in this context

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      if (navigator.locks) {
        navigator.locks.request(key, lock => new Promise((f,r) => {}));
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].clientId;
      } else {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      if (navigator.locks) {
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].name;
      }
    }

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: Error: Cannot read properties of undefined (reading 'name')

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      if (navigator.locks) {
        navigator.locks.request(key, lock => new Promise((f,r) => {}));
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].clientId;
      } else {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      if (navigator.locks) {
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].name;
      }
    }

result, same first party: e54f56ee-527d-4b84-847f-9120b105376f

result, different first party: Error: undefined is not an object (evaluating 'queryResult.held[0].name')

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      if (navigator.locks) {
        navigator.locks.request(key, lock => new Promise((f,r) => {}));
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].clientId;
      } else {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      if (navigator.locks) {
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].name;
      }
    }

result, same first party: 80df2b1d-cc96-4f9a-8af8-418737aa9557

result, different first party: Error: LockManager.query: query() is not allowed in this context

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      if (navigator.locks) {
        navigator.locks.request(key, lock => new Promise((f,r) => {}));
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].clientId;
      } else {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      if (navigator.locks) {
        let queryResult = await navigator.locks.query();
        return queryResult.held[0].name;
      }
    }

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: Error: Cannot read properties of undefined (reading 'name')

unsupported: false

passed: true

test failed: false
prefetch cache
A <link rel='prefetch'...> suggests to browsers they should fetch a resource ahead of time and cache it. But if browsers don't partition this cache, it can be used to track users across websites.
              
Passed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Unsupported
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same first party: Error: No requests received

result, different first party: Error: No requests received

unsupported: true

passed: undefined

test failed: false
Passed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Unsupported
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same first party: Error: No requests received

result, different first party: Error: No requests received

unsupported: true

passed: undefined

test failed: false
Unsupported
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same first party: Error: No requests received

result, different first party: Error: No requests received

unsupported: true

passed: undefined

test failed: false
Passed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
script cache
Caching of scripts in web browsers is a standard behavior. But if that cache leaks between websites, it can be abused for cross-site tracking.
              
Passed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 2

result, different first party: 3

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 2

result, different first party: 3

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
ServiceWorker
The ServiceWorker API allows websites to run code in the background and store content in the browser for offline use. If a ServiceWorker can be accessed from multiple websites, it can be abused to track users across sites.
              
Passed
write: async (key) => {
      if (!navigator.serviceWorker) {
        throw new Error("Unsupported");
      }
      let registration = await navigator.serviceWorker.register(
        'serviceWorker.js');
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      await fetch(`serviceworker-write?secret=${key}`);
    }

read: async () => {
      console.log("trying to register the serviceworker now...");
      const registration = await Promise.race([
        navigator.serviceWorker.register('serviceWorker.js'),
        sleepMs(500)
      ]);
      if (registration === undefined) {
        // We timed out or otherwise failed.
        throw new Error("ServiceWorker registration failed");
      }
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      let response = await fetch("serviceworker-read");
      return await response.text();
    }

result, same first party: <html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->


result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      if (!navigator.serviceWorker) {
        throw new Error("Unsupported");
      }
      let registration = await navigator.serviceWorker.register(
        'serviceWorker.js');
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      await fetch(`serviceworker-write?secret=${key}`);
    }

read: async () => {
      console.log("trying to register the serviceworker now...");
      const registration = await Promise.race([
        navigator.serviceWorker.register('serviceWorker.js'),
        sleepMs(500)
      ]);
      if (registration === undefined) {
        // We timed out or otherwise failed.
        throw new Error("ServiceWorker registration failed");
      }
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      let response = await fetch("serviceworker-read");
      return await response.text();
    }

result, same first party: <html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->


result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      if (!navigator.serviceWorker) {
        throw new Error("Unsupported");
      }
      let registration = await navigator.serviceWorker.register(
        'serviceWorker.js');
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      await fetch(`serviceworker-write?secret=${key}`);
    }

read: async () => {
      console.log("trying to register the serviceworker now...");
      const registration = await Promise.race([
        navigator.serviceWorker.register('serviceWorker.js'),
        sleepMs(500)
      ]);
      if (registration === undefined) {
        // We timed out or otherwise failed.
        throw new Error("ServiceWorker registration failed");
      }
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      let response = await fetch("serviceworker-read");
      return await response.text();
    }

result, same first party: 

result, different first party: 

unsupported: false

passed: undefined

test failed: true
Passed
write: async (key) => {
      if (!navigator.serviceWorker) {
        throw new Error("Unsupported");
      }
      let registration = await navigator.serviceWorker.register(
        'serviceWorker.js');
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      await fetch(`serviceworker-write?secret=${key}`);
    }

read: async () => {
      console.log("trying to register the serviceworker now...");
      const registration = await Promise.race([
        navigator.serviceWorker.register('serviceWorker.js'),
        sleepMs(500)
      ]);
      if (registration === undefined) {
        // We timed out or otherwise failed.
        throw new Error("ServiceWorker registration failed");
      }
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      let response = await fetch("serviceworker-read");
      return await response.text();
    }

result, same first party: <html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->


result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      if (!navigator.serviceWorker) {
        throw new Error("Unsupported");
      }
      let registration = await navigator.serviceWorker.register(
        'serviceWorker.js');
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      await fetch(`serviceworker-write?secret=${key}`);
    }

read: async () => {
      console.log("trying to register the serviceworker now...");
      const registration = await Promise.race([
        navigator.serviceWorker.register('serviceWorker.js'),
        sleepMs(500)
      ]);
      if (registration === undefined) {
        // We timed out or otherwise failed.
        throw new Error("ServiceWorker registration failed");
      }
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      let response = await fetch("serviceworker-read");
      return await response.text();
    }

result, same first party: 

result, different first party: 

unsupported: false

passed: undefined

test failed: true
Passed
write: async (key) => {
      if (!navigator.serviceWorker) {
        throw new Error("Unsupported");
      }
      let registration = await navigator.serviceWorker.register(
        'serviceWorker.js');
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      await fetch(`serviceworker-write?secret=${key}`);
    }

read: async () => {
      console.log("trying to register the serviceworker now...");
      const registration = await Promise.race([
        navigator.serviceWorker.register('serviceWorker.js'),
        sleepMs(500)
      ]);
      if (registration === undefined) {
        // We timed out or otherwise failed.
        throw new Error("ServiceWorker registration failed");
      }
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      let response = await fetch("serviceworker-read");
      return await response.text();
    }

result, same first party: <html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->


result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      if (!navigator.serviceWorker) {
        throw new Error("Unsupported");
      }
      let registration = await navigator.serviceWorker.register(
        'serviceWorker.js');
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      await fetch(`serviceworker-write?secret=${key}`);
    }

read: async () => {
      console.log("trying to register the serviceworker now...");
      const registration = await Promise.race([
        navigator.serviceWorker.register('serviceWorker.js'),
        sleepMs(500)
      ]);
      if (registration === undefined) {
        // We timed out or otherwise failed.
        throw new Error("ServiceWorker registration failed");
      }
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      let response = await fetch("serviceworker-read");
      return await response.text();
    }

result, same first party: 

result, different first party: 

unsupported: false

passed: undefined

test failed: true
Unsupported
write: async (key) => {
      if (!navigator.serviceWorker) {
        throw new Error("Unsupported");
      }
      let registration = await navigator.serviceWorker.register(
        'serviceWorker.js');
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      await fetch(`serviceworker-write?secret=${key}`);
    }

read: async () => {
      console.log("trying to register the serviceworker now...");
      const registration = await Promise.race([
        navigator.serviceWorker.register('serviceWorker.js'),
        sleepMs(500)
      ]);
      if (registration === undefined) {
        // We timed out or otherwise failed.
        throw new Error("ServiceWorker registration failed");
      }
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      let response = await fetch("serviceworker-read");
      return await response.text();
    }

result, same first party: Error: navigator.serviceWorker is undefined

result, different first party: Error: navigator.serviceWorker is undefined

unsupported: true

passed: undefined

test failed: false
Passed
write: async (key) => {
      if (!navigator.serviceWorker) {
        throw new Error("Unsupported");
      }
      let registration = await navigator.serviceWorker.register(
        'serviceWorker.js');
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      await fetch(`serviceworker-write?secret=${key}`);
    }

read: async () => {
      console.log("trying to register the serviceworker now...");
      const registration = await Promise.race([
        navigator.serviceWorker.register('serviceWorker.js'),
        sleepMs(500)
      ]);
      if (registration === undefined) {
        // We timed out or otherwise failed.
        throw new Error("ServiceWorker registration failed");
      }
      console.log(registration);
      await navigator.serviceWorker.ready;
      console.log("service worker ready");
      await sleepMs(100);
      let response = await fetch("serviceworker-read");
      return await response.text();
    }

result, same first party: <html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.18.0 (Ubuntu)</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->


result, different first party: 

unsupported: false

passed: true

test failed: false
SharedWorker
The SharedWorker API allows scripts from multiple tabs to share a background thread of computation. If SharedWorker is not partitioned, then it can be abused to shared data between websites in your browser.
              
Passed
write: async (secret) => {
      try {
        let worker = new SharedWorker("supercookies_sharedworker.js");
        worker.port.start();
//        console.log("worker", worker);
        const messagePromise = new Promise((resolve) => {
          worker.port.onmessage = (e) => resolve(e.data);
        });
        worker.port.postMessage(secret);
        await messagePromise;
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let worker = new SharedWorker("supercookies_sharedworker.js");
      worker.port.start();
      const messagePromise = new Promise((resolve, reject) => {
        worker.port.onmessage = (e) => resolve(e.data);
        setTimeout(() => reject(new Error("no SharedWorker message received")), 200);
      });
      worker.port.postMessage("request");
      const message = await messagePromise;
      if (message === "none") {
        throw new Error("Unsupported");
      }
      return message;
    }

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        let worker = new SharedWorker("supercookies_sharedworker.js");
        worker.port.start();
//        console.log("worker", worker);
        const messagePromise = new Promise((resolve) => {
          worker.port.onmessage = (e) => resolve(e.data);
        });
        worker.port.postMessage(secret);
        await messagePromise;
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let worker = new SharedWorker("supercookies_sharedworker.js");
      worker.port.start();
      const messagePromise = new Promise((resolve, reject) => {
        worker.port.onmessage = (e) => resolve(e.data);
        setTimeout(() => reject(new Error("no SharedWorker message received")), 200);
      });
      worker.port.postMessage("request");
      const message = await messagePromise;
      if (message === "none") {
        throw new Error("Unsupported");
      }
      return message;
    }

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        let worker = new SharedWorker("supercookies_sharedworker.js");
        worker.port.start();
//        console.log("worker", worker);
        const messagePromise = new Promise((resolve) => {
          worker.port.onmessage = (e) => resolve(e.data);
        });
        worker.port.postMessage(secret);
        await messagePromise;
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let worker = new SharedWorker("supercookies_sharedworker.js");
      worker.port.start();
      const messagePromise = new Promise((resolve, reject) => {
        worker.port.onmessage = (e) => resolve(e.data);
        setTimeout(() => reject(new Error("no SharedWorker message received")), 200);
      });
      worker.port.postMessage("request");
      const message = await messagePromise;
      if (message === "none") {
        throw new Error("Unsupported");
      }
      return message;
    }

result, same first party: 8dcf3049-0641-4832-bc66-2373dea8b2ff

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        let worker = new SharedWorker("supercookies_sharedworker.js");
        worker.port.start();
//        console.log("worker", worker);
        const messagePromise = new Promise((resolve) => {
          worker.port.onmessage = (e) => resolve(e.data);
        });
        worker.port.postMessage(secret);
        await messagePromise;
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let worker = new SharedWorker("supercookies_sharedworker.js");
      worker.port.start();
      const messagePromise = new Promise((resolve, reject) => {
        worker.port.onmessage = (e) => resolve(e.data);
        setTimeout(() => reject(new Error("no SharedWorker message received")), 200);
      });
      worker.port.postMessage("request");
      const message = await messagePromise;
      if (message === "none") {
        throw new Error("Unsupported");
      }
      return message;
    }

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        let worker = new SharedWorker("supercookies_sharedworker.js");
        worker.port.start();
//        console.log("worker", worker);
        const messagePromise = new Promise((resolve) => {
          worker.port.onmessage = (e) => resolve(e.data);
        });
        worker.port.postMessage(secret);
        await messagePromise;
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let worker = new SharedWorker("supercookies_sharedworker.js");
      worker.port.start();
      const messagePromise = new Promise((resolve, reject) => {
        worker.port.onmessage = (e) => resolve(e.data);
        setTimeout(() => reject(new Error("no SharedWorker message received")), 200);
      });
      worker.port.postMessage("request");
      const message = await messagePromise;
      if (message === "none") {
        throw new Error("Unsupported");
      }
      return message;
    }

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        let worker = new SharedWorker("supercookies_sharedworker.js");
        worker.port.start();
//        console.log("worker", worker);
        const messagePromise = new Promise((resolve) => {
          worker.port.onmessage = (e) => resolve(e.data);
        });
        worker.port.postMessage(secret);
        await messagePromise;
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let worker = new SharedWorker("supercookies_sharedworker.js");
      worker.port.start();
      const messagePromise = new Promise((resolve, reject) => {
        worker.port.onmessage = (e) => resolve(e.data);
        setTimeout(() => reject(new Error("no SharedWorker message received")), 200);
      });
      worker.port.postMessage("request");
      const message = await messagePromise;
      if (message === "none") {
        throw new Error("Unsupported");
      }
      return message;
    }

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        let worker = new SharedWorker("supercookies_sharedworker.js");
        worker.port.start();
//        console.log("worker", worker);
        const messagePromise = new Promise((resolve) => {
          worker.port.onmessage = (e) => resolve(e.data);
        });
        worker.port.postMessage(secret);
        await messagePromise;
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let worker = new SharedWorker("supercookies_sharedworker.js");
      worker.port.start();
      const messagePromise = new Promise((resolve, reject) => {
        worker.port.onmessage = (e) => resolve(e.data);
        setTimeout(() => reject(new Error("no SharedWorker message received")), 200);
      });
      worker.port.postMessage("request");
      const message = await messagePromise;
      if (message === "none") {
        throw new Error("Unsupported");
      }
      return message;
    }

result, same first party: e54f56ee-527d-4b84-847f-9120b105376f

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        let worker = new SharedWorker("supercookies_sharedworker.js");
        worker.port.start();
//        console.log("worker", worker);
        const messagePromise = new Promise((resolve) => {
          worker.port.onmessage = (e) => resolve(e.data);
        });
        worker.port.postMessage(secret);
        await messagePromise;
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let worker = new SharedWorker("supercookies_sharedworker.js");
      worker.port.start();
      const messagePromise = new Promise((resolve, reject) => {
        worker.port.onmessage = (e) => resolve(e.data);
        setTimeout(() => reject(new Error("no SharedWorker message received")), 200);
      });
      worker.port.postMessage("request");
      const message = await messagePromise;
      if (message === "none") {
        throw new Error("Unsupported");
      }
      return message;
    }

result, same first party: 80df2b1d-cc96-4f9a-8af8-418737aa9557

result, different first party: Error: The operation is insecure.

unsupported: false

passed: true

test failed: false
Passed
write: async (secret) => {
      try {
        let worker = new SharedWorker("supercookies_sharedworker.js");
        worker.port.start();
//        console.log("worker", worker);
        const messagePromise = new Promise((resolve) => {
          worker.port.onmessage = (e) => resolve(e.data);
        });
        worker.port.postMessage(secret);
        await messagePromise;
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let worker = new SharedWorker("supercookies_sharedworker.js");
      worker.port.start();
      const messagePromise = new Promise((resolve, reject) => {
        worker.port.onmessage = (e) => resolve(e.data);
        setTimeout(() => reject(new Error("no SharedWorker message received")), 200);
      });
      worker.port.postMessage("request");
      const message = await messagePromise;
      if (message === "none") {
        throw new Error("Unsupported");
      }
      return message;
    }

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: Error: Unsupported

unsupported: false

passed: true

test failed: false
TLS Session ID
The TLS protocol is used by HTTPS to make connections secure. If the browser were to re-use a TLS session, then the session ID could be used to track users across websites.
              
Passed
write: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

read: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

result, same first party: 96b8404f3f76e69bd60330169ab3f6863f4d63a4a5c6fde8f707482e0ecc000f

result, different first party: cdc5949a89ef8a766b2129202344eb9067dc500d014cb626be4484d827ca6b78

unsupported: false

passed: true

test failed: false
Passed
write: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

read: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

result, same first party: 5587909efde26f817917103f584466698daef951db94bf5146e493ff6056017c

result, different first party: 43d2a0a80996a1553fbbe2511b8aa06eb67d6a650acd6c7454df121ccc78da50

unsupported: false

passed: true

test failed: false
Passed
write: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

read: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

result, same first party: 28cf4b1862cfddf1ee908ea67bdce1f5adc851f35eee15d73d982cfa61ae304e

result, different first party: 2ad650b09d4d7089158430236c22345a35efe400857b38782056b296448fc56d

unsupported: false

passed: true

test failed: false
Passed
write: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

read: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

result, same first party: 826e9efdd0cc1a9bfd4ffe5dee7717929e80aa43dfb44bc61d6176042693222a

result, different first party: fec5df1f8d5a319ef6438177b6ec2253774b60c0cbadb07af232a130d858200e

unsupported: false

passed: true

test failed: false
Passed
write: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

read: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

result, same first party: e7ece0e172b517831dcedd22e60aaa4a3b5e72c85920df07ebf30363cc2adb84

result, different first party: 7f0595e99dced9f56e5ab89df194be2885172b176a71a6c01942d21b0eeff1ff

unsupported: false

passed: true

test failed: false
Passed
write: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

read: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

result, same first party: 0d71488817e1fb4595bce13bc16230b7d4153d4b5994ff40f41c2c4a736703d9

result, different first party: a31d2922fe2ce8969ad1eae5d648b65f7e7ddfa13b0a80dce0f47e19cd330866

unsupported: false

passed: true

test failed: false
Passed
write: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

read: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

result, same first party: e6abcf18fd6132eab93494282c98dfc44a91023ee47c9cccd6a87e547e2e44d8

result, different first party: ac1f6bdc8b3030632a5b592b262c605d0a3d85b3e49c9c2024c91524c335a625

unsupported: false

passed: true

test failed: false
Passed
write: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

read: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

result, same first party: d547101b20285ec2a153283f9a5e3daa580be2ce3e23c89a8eb4b0d4810810d1

result, different first party: e0086c2d09026296a755a58fe5977e230ba82fbd4fbb97fb59c503958264ddc2

unsupported: false

passed: true

test failed: false
Passed
write: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

read: async () => {
      let results = await fetch("https://tls.privacytests2.org:8900/");
      return (await results.json()).sessionId;
    }

result, same first party: bdbe1b14ad19762b6c1931931bd39b6bf0d395979d1cb7093719a64449dc318e

result, different first party: b333f64ff58310b99986950f6a44abba2171df8c17d5fd57cf8202094ef30b4e

unsupported: false

passed: true

test failed: false
XMLHttpRequest cache
Similar to the newer Fetch API, any resource received may be cached by the browser. The cache is potentially vulnerable to cross-site tracking attack.
              
Passed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 2

result, different first party: 3

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Passed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same first party: 1

result, different first party: 2

unsupported: false

passed: true

test failed: false
Navigation testsWhich browsers prevent websites from sharing tracking data when you click on a link?
When you click a hyperlink to navigate your browser from one site to another, certain browser APIs allow the first site to communicate to the second site. These privacy vulnerabilities can be fixed by introducing new limits on how much data is transfered between sites.',
        
document.referrer
The Referer [sic] request header is a mechanism used by browsers to let a website know where the user is visiting from. This header is inherently tracking users across websites. In recent times, browsers have switched to a policy of trimming a referrer to convey less tracking information, but Referer continues to convey cross-site tracking data by default.
              
Failed
write: (secret) => { /* do nothing */ }

read: () => document.referrer

result, same first party: https://test-pages.privacytests2.org/

result, different first party: https://test-pages.privacytests2.org/

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => { /* do nothing */ }

read: () => document.referrer

result, same first party: https://test-pages.privacytests2.org/

result, different first party: https://test-pages.privacytests2.org/

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => { /* do nothing */ }

read: () => document.referrer

result, same first party: https://test-pages.privacytests2.org/

result, different first party: https://test-pages.privacytests2.org/

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => { /* do nothing */ }

read: () => document.referrer

result, same first party: https://test-pages.privacytests2.org/

result, different first party: https://test-pages.privacytests2.org/

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => { /* do nothing */ }

read: () => document.referrer

result, same first party: https://test-pages.privacytests2.org/

result, different first party: https://test-pages.privacytests2.org/

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => { /* do nothing */ }

read: () => document.referrer

result, same first party: https://test-pages.privacytests2.org/

result, different first party: https://test-pages.privacytests2.org/

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => { /* do nothing */ }

read: () => document.referrer

result, same first party: https://test-pages.privacytests2.org/

result, different first party: https://test-pages.privacytests2.org/

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => { /* do nothing */ }

read: () => document.referrer

result, same first party: https://test-pages.privacytests2.org/

result, different first party: https://test-pages.privacytests2.org/

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => { /* do nothing */ }

read: () => document.referrer

result, same first party: https://test-pages.privacytests2.org/

result, different first party: https://test-pages.privacytests2.org/

unsupported: false

passed: false

test failed: false
sessionStorage
The sessionStorage API is similar to the localStorage API, but it does not persist across tabs or across browser sessions. Nonetheless, it can be used to track users if they navigate from one website to another. This tracking can be thwarted by partitioning sessionStorage between websites.
              
Passed
write: (secret) => sessionStorage.setItem("secret", secret)

read: () => sessionStorage.getItem("secret")

result, same first party: f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => sessionStorage.setItem("secret", secret)

read: () => sessionStorage.getItem("secret")

result, same first party: eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => sessionStorage.setItem("secret", secret)

read: () => sessionStorage.getItem("secret")

result, same first party: 8dcf3049-0641-4832-bc66-2373dea8b2ff

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => sessionStorage.setItem("secret", secret)

read: () => sessionStorage.getItem("secret")

result, same first party: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => sessionStorage.setItem("secret", secret)

read: () => sessionStorage.getItem("secret")

result, same first party: eb0dda01-983e-40e8-b21b-217f51793243

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => sessionStorage.setItem("secret", secret)

read: () => sessionStorage.getItem("secret")

result, same first party: e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => sessionStorage.setItem("secret", secret)

read: () => sessionStorage.getItem("secret")

result, same first party: e54f56ee-527d-4b84-847f-9120b105376f

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => sessionStorage.setItem("secret", secret)

read: () => sessionStorage.getItem("secret")

result, same first party: 80df2b1d-cc96-4f9a-8af8-418737aa9557

result, different first party: null

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => sessionStorage.setItem("secret", secret)

read: () => sessionStorage.getItem("secret")

result, same first party: 5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: null

unsupported: false

passed: true

test failed: false
window.name
The window.name API allows websites to store data that will persist after the user has navigated the tab to a different website. This mechanism could be partitioned so that data is not allowed to persist between websites.
              
Passed
write: (secret) => window.name = "name_" + secret

read: () => window.name

result, same first party: name_f7e729f7-9e22-4b1b-baa7-038cdd2b7466

result, different first party: 

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => window.name = "name_" + secret

read: () => window.name

result, same first party: name_eac80989-abd5-4d75-ab7d-bc4b3f378167

result, different first party: name_eac80989-abd5-4d75-ab7d-bc4b3f378167

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => window.name = "name_" + secret

read: () => window.name

result, same first party: name_8dcf3049-0641-4832-bc66-2373dea8b2ff

result, different first party: 

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => window.name = "name_" + secret

read: () => window.name

result, same first party: name_25ffccc7-68bd-4d2f-86e0-8a0bb87be277

result, different first party: name_25ffccc7-68bd-4d2f-86e0-8a0bb87be277

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => window.name = "name_" + secret

read: () => window.name

result, same first party: name_eb0dda01-983e-40e8-b21b-217f51793243

result, different first party: 

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => window.name = "name_" + secret

read: () => window.name

result, same first party: name_e91cf262-3db2-4ce2-9312-b912493f0ef0

result, different first party: name_e91cf262-3db2-4ce2-9312-b912493f0ef0

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => window.name = "name_" + secret

read: () => window.name

result, same first party: name_e54f56ee-527d-4b84-847f-9120b105376f

result, different first party: 

unsupported: false

passed: true

test failed: false
Passed
write: (secret) => window.name = "name_" + secret

read: () => window.name

result, same first party: name_80df2b1d-cc96-4f9a-8af8-418737aa9557

result, different first party: 

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => window.name = "name_" + secret

read: () => window.name

result, same first party: name_5c4b21b3-6581-43d2-8006-dc5d38ff986b

result, different first party: name_5c4b21b3-6581-43d2-8006-dc5d38ff986b

unsupported: false

passed: false

test failed: false
HTTPS testsWhich browsers prevent unencrypted network connections?
HTTPS is the protocol that web browsers use to connect securely to websites. When HTTPS is being used, the connection is encrypted so that third parties on the network cannot read content being sent between the server and your browser. In the past, insecure connections were the default and websites would need to actively request that a browser use HTTPS. Now the status quo is shifting, and browser makers are moving toward a world where HTTPS is the default protocol.`
        
Insecure website warning
Checks to see if the browser stops loading an insecure website and warns the user before giving them the option to continue. Known as HTTPS-Only Mode in some browsers.
              
Failed
passed: false
result: Insecure website loaded
Failed
passed: false
result: Insecure website loaded
Failed
passed: false
result: Insecure website loaded
Failed
passed: false
result: Insecure website loaded
Failed
passed: false
result: Insecure website loaded
Failed
passed: false
result: Insecure website loaded
Failed
passed: false
result: Insecure website loaded
Passed
passed: true
result: Insecure website never loaded
Failed
passed: false
result: Insecure website loaded
Upgradable address
Checks to see if an insecure address entered into the browser's address bar is upgraded to HTTPS whenever possible.
              
Passed
upgraded: true
passed: true
Passed
upgraded: true
passed: true
Failed
upgraded: false
passed: false
Passed
upgraded: true
passed: true
Failed
upgraded: false
passed: false
Passed
upgraded: true
passed: true
Failed
upgraded: false
passed: false
Passed
upgraded: true
passed: true
Passed
upgraded: true
passed: true
Upgradable hyperlink
Checks to see if the user has clicked on a hyperlink to an insecure address, if the browser upgrades that address to HTTPS whenever possible.
              
Passed
upgraded: true
passed: true
Passed
upgraded: true
passed: true
Failed
upgraded: false
passed: false
Passed
upgraded: true
passed: true
Failed
upgraded: false
passed: false
Passed
upgraded: true
passed: true
Failed
upgraded: false
passed: false
Passed
upgraded: true
passed: true
Passed
upgraded: true
passed: true
Upgradable image
Checks to see if the browser attempts to upgrade an insecure address for an image to HTTPS whenever possible.
              
Passed
passed: true
result: upgraded
Passed
passed: true
result: upgraded
Failed
passed: false
result: loaded insecurely
Passed
passed: true
result: upgraded
Passed
passed: true
result: upgraded
Passed
passed: true
result: upgraded
Passed
passed: true
result: upgraded
Passed
passed: true
result: upgraded
Passed
passed: true
result: upgraded
Upgradable script
Checks to see if the browser attempts to upgrade an insecure address for an script to HTTPS whenever possible.
              
Passed
passed: true
result: blocked
Passed
passed: true
result: blocked
Passed
passed: true
result: blocked
Passed
passed: true
result: blocked
Passed
passed: true
result: blocked
Passed
passed: true
result: blocked
Passed
passed: true
result: blocked
Passed
passed: true
result: upgraded
Passed
passed: true
result: blocked
Misc testsWhich browsers provide additional assorted privacy protections?
This category includes tests for the presence of miscellaneous privacy features
        
ECH enabled
Encrypted Client Hello (ECH) is a new protocol that hides the website you are visiting from third-party network eavesdroppers.
              
Passed
SNI_status: encrypted
passed: true
Passed
SNI_status: encrypted
passed: true
Failed
SNI_status: plaintext
passed: false
Passed
SNI_status: encrypted
passed: true
Passed
SNI_status: encrypted
passed: true
Passed
SNI_status: encrypted
passed: true
Failed
SNI_status: plaintext
passed: false
Failed
SNI_status: plaintext
passed: false
Passed
SNI_status: encrypted
passed: true
GPC enabled first-party
The Global Privacy Control is an HTTP header that can be sent by a browser to instruct a website not to sell the user's personal data to third parties. This test checks to see if the GPC header is sent by default to the top-level website.
              
Passed
header value: 1
passed: true
Failed
header value: undefined
passed: false
Failed
header value: undefined
passed: false
Failed
header value: undefined
passed: false
Failed
header value: undefined
passed: false
Failed
header value: undefined
passed: false
Failed
header value: undefined
passed: false
Failed
header value: undefined
passed: false
Failed
header value: undefined
passed: false
GPC enabled third-party
The Global Privacy Control is an HTTP header that can be sent by a browser to instruct a visited website not to sell the user's personal data to other parties. This test checks to see if the GPC header is sent to third-party elements on the web page.
              
Passed
sec-gpc: 1
passed: true
Failed
passed: false
Failed
passed: false
Failed
passed: false
Failed
passed: false
Failed
passed: false
Failed
passed: false
Failed
passed: false
Failed
passed: false
IP address leak
IP addresses can be used to uniquely identify a large percentage of users. A proxy, VPN, or Tor can mask a user's IP address.
              
Failed
passed: false
Failed
passed: false
Failed
passed: false
Failed
passed: false
Failed
passed: false
Failed
passed: false
Failed
passed: false
Passed
passed: true
Failed
passed: false
Stream isolation
Browsers that use Tor can use a different Tor circuit per top-level website.
              
Unsupported
write: () => {
      if (!usingTor) {
        throw new Error("Unsupported");
      }
    }
read: async () => {
      if (usingTor) {
        return ipAddress;
      } else {
        throw new Error("Unsupported");
      }
    }
unsupported: true
readSameFirstParty: Error: Unsupported
readDifferentFirstParty: Error: Unsupported
testFailed: false
Unsupported
write: () => {
      if (!usingTor) {
        throw new Error("Unsupported");
      }
    }
read: async () => {
      if (usingTor) {
        return ipAddress;
      } else {
        throw new Error("Unsupported");
      }
    }
unsupported: true
readSameFirstParty: Error: Unsupported
readDifferentFirstParty: Error: Unsupported
testFailed: false
Unsupported
write: () => {
      if (!usingTor) {
        throw new Error("Unsupported");
      }
    }
read: async () => {
      if (usingTor) {
        return ipAddress;
      } else {
        throw new Error("Unsupported");
      }
    }
unsupported: true
readSameFirstParty: Error: Unsupported
readDifferentFirstParty: Error: Unsupported
testFailed: false
Unsupported
write: () => {
      if (!usingTor) {
        throw new Error("Unsupported");
      }
    }
read: async () => {
      if (usingTor) {
        return ipAddress;
      } else {
        throw new Error("Unsupported");
      }
    }
unsupported: true
readSameFirstParty: Error: Unsupported
readDifferentFirstParty: Error: Unsupported
testFailed: false
Unsupported
write: () => {
      if (!usingTor) {
        throw new Error("Unsupported");
      }
    }
read: async () => {
      if (usingTor) {
        return ipAddress;
      } else {
        throw new Error("Unsupported");
      }
    }
unsupported: true
readSameFirstParty: Error: Unsupported
readDifferentFirstParty: Error: Unsupported
testFailed: false
Unsupported
write: () => {
      if (!usingTor) {
        throw new Error("Unsupported");
      }
    }
read: async () => {
      if (usingTor) {
        return ipAddress;
      } else {
        throw new Error("Unsupported");
      }
    }
unsupported: true
readSameFirstParty: Error: Unsupported
readDifferentFirstParty: Error: Unsupported
testFailed: false
Unsupported
write: () => {
      if (!usingTor) {
        throw new Error("Unsupported");
      }
    }
read: async () => {
      if (usingTor) {
        return ipAddress;
      } else {
        throw new Error("Unsupported");
      }
    }
unsupported: true
readSameFirstParty: Error: Unsupported
readDifferentFirstParty: Error: Unsupported
testFailed: false
Passed
write: () => {
      if (!usingTor) {
        throw new Error("Unsupported");
      }
    }
read: async () => {
      if (usingTor) {
        return ipAddress;
      } else {
        throw new Error("Unsupported");
      }
    }
unsupported: false
readSameFirstParty: 2605:6400:30:f174:1111:2222:3333:4444
readDifferentFirstParty: 2001:67c:6ec:203:192:42:116:186
passed: true
testFailed: false
Unsupported
write: () => {
      if (!usingTor) {
        throw new Error("Unsupported");
      }
    }
read: async () => {
      if (usingTor) {
        return ipAddress;
      } else {
        throw new Error("Unsupported");
      }
    }
unsupported: true
readSameFirstParty: Error: Unsupported
readDifferentFirstParty: Error: Unsupported
testFailed: false
Tor enabled
The Tor network sends the browser's web requests through a series of relays to hide a user's IP address, thereby helping to mask their identity and location. This test checks to see if the Tor network is being used by default.
              
Failed
IsTorExit: false
passed: false
Failed
IsTorExit: false
passed: false
Failed
IsTorExit: false
passed: false
Failed
IsTorExit: false
passed: false
Failed
IsTorExit: false
passed: false
Failed
IsTorExit: false
passed: false
Failed
IsTorExit: false
passed: false
Passed
IsTorExit: true
passed: true
Failed
IsTorExit: false
passed: false
Fingerprinting resistance testsWhich browsers hide what's unique about your device?
Fingerprinting is a technique trackers use to uniquely identify you as you browse the web. A fingerprinting script will measure several characteristics of your browser and, combining this data, will build a fingerprint that may uniquely identify you among web users. Browsers can introduce countermeasures, such as minimizing the distinguishing information disclosed by certain web APIs so your browser is harder to pick out from the crowd (so-called 'fingerprinting resistance').`,
        
Media query screen height
Height of the user's screen in pixels.
              
Passed
expression: undefined
desired expression: undefined
actual value: 1293
desired value: undefined
passed: true
Failed
expression: undefined
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Passed
expression: undefined
desired expression: undefined
actual value: 900
desired value: undefined
passed: true
Failed
expression: undefined
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Media query screen width
Width of the user's screen in pixels.
              
Passed
expression: undefined
desired expression: undefined
actual value: 1164
desired value: undefined
passed: true
Failed
expression: undefined
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
Passed
expression: undefined
desired expression: undefined
actual value: 1400
desired value: undefined
passed: true
Failed
expression: undefined
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
outerHeight
Height of the browser window in pixels, including browser chrome.
              
Passed
expression: outerHeight
desired expression: undefined
actual value: 1293
desired value: undefined
passed: true
Failed
expression: outerHeight
desired expression: undefined
actual value: 1371
desired value: undefined
passed: false
Passed
expression: outerHeight
desired expression: undefined
actual value: 703
desired value: undefined
passed: true
Failed
expression: outerHeight
desired expression: undefined
actual value: 1371
desired value: undefined
passed: false
Failed
expression: outerHeight
desired expression: undefined
actual value: 1040
desired value: undefined
passed: false
Failed
expression: outerHeight
desired expression: undefined
actual value: 1061
desired value: undefined
passed: false
Failed
expression: outerHeight
desired expression: undefined
actual value: 940
desired value: undefined
passed: false
Passed
expression: outerHeight
desired expression: undefined
actual value: 900
desired value: undefined
passed: true
Failed
expression: outerHeight
desired expression: undefined
actual value: 1371
desired value: undefined
passed: false
screen.height
Height of the user's screen, in pixels.
              
Passed
expression: screen.height
desired expression: undefined
actual value: 1293
desired value: undefined
passed: true
Failed
expression: screen.height
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Failed
expression: screen.height
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Failed
expression: screen.height
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Failed
expression: screen.height
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Failed
expression: screen.height
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Failed
expression: screen.height
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Passed
expression: screen.height
desired expression: undefined
actual value: 900
desired value: undefined
passed: true
Failed
expression: screen.height
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
screen.width
Width of the user's screen, in pixels.
              
Passed
expression: screen.width
desired expression: undefined
actual value: 1164
desired value: undefined
passed: true
Failed
expression: screen.width
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
Failed
expression: screen.width
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
Failed
expression: screen.width
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
Failed
expression: screen.width
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
Failed
expression: screen.width
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
Failed
expression: screen.width
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
Passed
expression: screen.width
desired expression: undefined
actual value: 1400
desired value: undefined
passed: true
Failed
expression: screen.width
desired expression: undefined
actual value: 2560
desired value: undefined
passed: false
screenX
Position, in pixels, of the left edge of the browser window on screen.
              
Passed
expression: screenX
desired expression: undefined
actual value: 8
desired value: undefined
passed: true
Failed
expression: screenX
desired expression: undefined
actual value: 22
desired value: undefined
passed: false
Passed
expression: screenX
desired expression: undefined
actual value: 0
desired value: undefined
passed: true
Failed
expression: screenX
desired expression: undefined
actual value: 22
desired value: undefined
passed: false
Failed
expression: screenX
desired expression: undefined
actual value: 642
desired value: undefined
passed: false
Failed
expression: screenX
desired expression: undefined
actual value: 320
desired value: undefined
passed: false
Failed
expression: screenX
desired expression: undefined
actual value: 340
desired value: undefined
passed: false
Passed
expression: screenX
desired expression: undefined
actual value: 0
desired value: undefined
passed: true
Failed
expression: screenX
desired expression: undefined
actual value: 22
desired value: undefined
passed: false
screenY
Position, in pixels, of the top edge of the browser window on screen.
              
Passed
expression: screenY
desired expression: undefined
actual value: 0
desired value: undefined
passed: true
Failed
expression: screenY
desired expression: undefined
actual value: 47
desired value: undefined
passed: false
Failed
expression: screenY
desired expression: undefined
actual value: 1440
desired value: undefined
passed: false
Failed
expression: screenY
desired expression: undefined
actual value: 47
desired value: undefined
passed: false
Failed
expression: screenY
desired expression: undefined
actual value: 355
desired value: undefined
passed: false
Failed
expression: screenY
desired expression: undefined
actual value: 202
desired value: undefined
passed: false
Failed
expression: screenY
desired expression: undefined
actual value: 500
desired value: undefined
passed: false
Passed
expression: screenY
desired expression: undefined
actual value: 0
desired value: undefined
passed: true
Failed
expression: screenY
desired expression: undefined
actual value: 47
desired value: undefined
passed: false
System font detection
Web pages can detect the presence of a font installed on the user's system. The presence or absence of various fonts is commonly used to fingerprint users.
              
Passed
expression: undefined
desired expression: undefined
actual value: undefined
desired value: undefined
passed: true
Failed
expression: undefined
desired expression: undefined
actual value: undefined
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: undefined
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: undefined
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: undefined
desired value: undefined
passed: false
Failed
expression: undefined
desired expression: undefined
actual value: undefined
desired value: undefined
passed: false
Passed
expression: undefined
desired expression: undefined
actual value: undefined
desired value: undefined
passed: true
Passed
expression: undefined
desired expression: undefined
actual value: undefined
desired value: undefined
passed: true
Failed
expression: undefined
desired expression: undefined
actual value: undefined
desired value: undefined
passed: false
Tracking query parameter testsWhich browsers remove URL parameters that can track you?
When you browse from one web page to another, tracking companies will frequently attach a 'tracking query parameter' to the address of the second web page. That query parameter may contain a unique identifier that tracks you individually as you browse the web. And these query parameters are frequently synchronized with cookies, making them a powerful tracking vector. Web browsers can protect you from known tracking query parameters by stripping them from web addresses before your browser sends them. (The set of tracking query parameters tested here was largely borrowed from Brave.)`
        
__hsfp
HubSpot tracking parameter
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
__hssc
HubSpot tracking parameter
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
__hstc
HubSpot tracking parameter
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
__s
Drip.com email address tracking parameter
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
_hsenc
HubSpot tracking parameter
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
_openstat
Yandex tracking parameter
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
dclid
DoubleClick Click ID (Google)
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
fbclid
Facebook Click Identifier
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
gclid
Google Click Identifier
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
hsCtaTracking
HubSpot tracking parameter
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
mc_eid
Mailchimp Email ID (email recipient's address)
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
mkt_tok
Adobe Marketo tracking parameter
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
ml_subscriber
MailerLite email tracking
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
ml_subscriber_hash
MailerLite email tracking
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
msclkid
Microsoft Click ID
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
oly_anon_id
Omeda marketing 'anonymous' customer id
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
oly_enc_id
Omeda marketing 'known' customer id
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
rb_clickid
Unknown high-entropy tracking parameter
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
s_cid
Adobe Site Catalyst tracking parameter
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
vero_conv
Vero tracking parameter
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
vero_id
Vero tracking parameter
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
wickedid
Wicked Reports e-commerce tracking
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
yclid
Yandex Click ID
              
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Failed
value: 01752447911282684
passed: false
Passed
passed: true
Failed
value: 01752447911282684
passed: false
Tracker content blocking testsWhich browsers block important known tracking scripts and pixels?
When you visit a web page, it frequently has third-party embedded tracking content, such as scripts and tracking pixels. These embedded components spy on you. Some browsers and browser extensions maintain list of tracking companies and block their content from being loaded. This section checks to see if a browser blocks 20 of the largest trackers listed by https://whotracks.me.`
        
Adobe
Tests whether the browser blocks the page from loading the tracker at https://munchkin.marketo.net/munchkin.js
              
Passed
url: https://munchkin.marketo.net/munchkin.js
passed: true
Failed
url: https://munchkin.marketo.net/munchkin.js
passed: false
Passed
url: https://munchkin.marketo.net/munchkin.js
passed: true
Failed
url: https://munchkin.marketo.net/munchkin.js
passed: false
Failed
url: https://munchkin.marketo.net/munchkin.js
passed: false
Failed
url: https://munchkin.marketo.net/munchkin.js
passed: false
Failed
url: https://munchkin.marketo.net/munchkin.js
passed: false
Failed
url: https://munchkin.marketo.net/munchkin.js
passed: false
Failed
url: https://munchkin.marketo.net/munchkin.js
passed: false
Adobe Audience Manager
Tests whether the browser blocks the page from loading the tracker at https://dpm.demdex.net/ibs
              
Passed
url: https://dpm.demdex.net/ibs
passed: true
Failed
url: https://dpm.demdex.net/ibs
passed: false
Passed
url: https://dpm.demdex.net/ibs
passed: true
Failed
url: https://dpm.demdex.net/ibs
passed: false
Failed
url: https://dpm.demdex.net/ibs
passed: false
Failed
url: https://dpm.demdex.net/ibs
passed: false
Failed
url: https://dpm.demdex.net/ibs
passed: false
Failed
url: https://dpm.demdex.net/ibs
passed: false
Failed
url: https://dpm.demdex.net/ibs
passed: false
Amazon adsystem
Tests whether the browser blocks the page from loading the tracker at https://s.amazon-adsystem.com/dcm
              
Passed
url: https://s.amazon-adsystem.com/dcm
passed: true
Failed
url: https://s.amazon-adsystem.com/dcm
passed: false
Passed
url: https://s.amazon-adsystem.com/dcm
passed: true
Failed
url: https://s.amazon-adsystem.com/dcm
passed: false
Failed
url: https://s.amazon-adsystem.com/dcm
passed: false
Failed
url: https://s.amazon-adsystem.com/dcm
passed: false
Failed
url: https://s.amazon-adsystem.com/dcm
passed: false
Failed
url: https://s.amazon-adsystem.com/dcm
passed: false
Failed
url: https://s.amazon-adsystem.com/dcm
passed: false
AppNexus
Tests whether the browser blocks the page from loading the tracker at https://ib.adnxs.com/px?id=178248&t=1
              
Passed
url: https://ib.adnxs.com/px?id=178248&t=1
passed: true
Failed
url: https://ib.adnxs.com/px?id=178248&t=1
passed: false
Passed
url: https://ib.adnxs.com/px?id=178248&t=1
passed: true
Failed
url: https://ib.adnxs.com/px?id=178248&t=1
passed: false
Failed
url: https://ib.adnxs.com/px?id=178248&t=1
passed: false
Failed
url: https://ib.adnxs.com/px?id=178248&t=1
passed: false
Failed
url: https://ib.adnxs.com/px?id=178248&t=1
passed: false
Failed
url: https://ib.adnxs.com/px?id=178248&t=1
passed: false
Failed
url: https://ib.adnxs.com/px?id=178248&t=1
passed: false
Bing Ads
Tests whether the browser blocks the page from loading the tracker at https://bat.bing.com/bat.js
              
Passed
url: https://bat.bing.com/bat.js
passed: true
Failed
url: https://bat.bing.com/bat.js
passed: false
Passed
url: https://bat.bing.com/bat.js
passed: true
Failed
url: https://bat.bing.com/bat.js
passed: false
Failed
url: https://bat.bing.com/bat.js
passed: false
Failed
url: https://bat.bing.com/bat.js
passed: false
Failed
url: https://bat.bing.com/bat.js
passed: false
Failed
url: https://bat.bing.com/bat.js
passed: false
Failed
url: https://bat.bing.com/bat.js
passed: false
Chartbeat
Tests whether the browser blocks the page from loading the tracker at https://static.chartbeat.com/js/chartbeat.js
              
Failed
url: https://static.chartbeat.com/js/chartbeat.js
passed: false
Failed
url: https://static.chartbeat.com/js/chartbeat.js
passed: false
Passed
url: https://static.chartbeat.com/js/chartbeat.js
passed: true
Failed
url: https://static.chartbeat.com/js/chartbeat.js
passed: false
Failed
url: https://static.chartbeat.com/js/chartbeat.js
passed: false
Failed
url: https://static.chartbeat.com/js/chartbeat.js
passed: false
Failed
url: https://static.chartbeat.com/js/chartbeat.js
passed: false
Failed
url: https://static.chartbeat.com/js/chartbeat.js
passed: false
Failed
url: https://static.chartbeat.com/js/chartbeat.js
passed: false
Criteo
Tests whether the browser blocks the page from loading the tracker at https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
              
Passed
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
passed: true
Failed
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
passed: false
Passed
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
passed: true
Failed
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
passed: false
Failed
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
passed: false
Failed
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
passed: false
Failed
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
passed: false
Failed
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
passed: false
Failed
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
passed: false
DoubleClick (Google)
Tests whether the browser blocks the page from loading the tracker at https://securepubads.g.doubleclick.net/static/glade.js
              
Passed
url: https://securepubads.g.doubleclick.net/static/glade.js
passed: true
Failed
url: https://securepubads.g.doubleclick.net/static/glade.js
passed: false
Passed
url: https://securepubads.g.doubleclick.net/static/glade.js
passed: true
Failed
url: https://securepubads.g.doubleclick.net/static/glade.js
passed: false
Failed
url: https://securepubads.g.doubleclick.net/static/glade.js
passed: false
Failed
url: https://securepubads.g.doubleclick.net/static/glade.js
passed: false
Failed
url: https://securepubads.g.doubleclick.net/static/glade.js
passed: false
Failed
url: https://securepubads.g.doubleclick.net/static/glade.js
passed: false
Failed
url: https://securepubads.g.doubleclick.net/static/glade.js
passed: false
Facebook tracking
Tests whether the browser blocks the page from loading the tracker at https://connect.facebook.net/en_US/fbevents.js
              
Passed
url: https://connect.facebook.net/en_US/fbevents.js
passed: true
Failed
url: https://connect.facebook.net/en_US/fbevents.js
passed: false
Passed
url: https://connect.facebook.net/en_US/fbevents.js
passed: true
Failed
url: https://connect.facebook.net/en_US/fbevents.js
passed: false
Failed
url: https://connect.facebook.net/en_US/fbevents.js
passed: false
Failed
url: https://connect.facebook.net/en_US/fbevents.js
passed: false
Failed
url: https://connect.facebook.net/en_US/fbevents.js
passed: false
Failed
url: https://connect.facebook.net/en_US/fbevents.js
passed: false
Failed
url: https://connect.facebook.net/en_US/fbevents.js
passed: false
Google (third-party ad pixel)
Tests whether the browser blocks the page from loading the tracker at https://www.google.com/pagead/1p-user-list/
              
Passed
url: https://www.google.com/pagead/1p-user-list/
passed: true
Failed
url: https://www.google.com/pagead/1p-user-list/
passed: false
Passed
url: https://www.google.com/pagead/1p-user-list/
passed: true
Failed
url: https://www.google.com/pagead/1p-user-list/
passed: false
Failed
url: https://www.google.com/pagead/1p-user-list/
passed: false
Failed
url: https://www.google.com/pagead/1p-user-list/
passed: false
Failed
url: https://www.google.com/pagead/1p-user-list/
passed: false
Failed
url: https://www.google.com/pagead/1p-user-list/
passed: false
Failed
url: https://www.google.com/pagead/1p-user-list/
passed: false
Google Analytics
Tests whether the browser blocks the page from loading the tracker at https://google-analytics.com/urchin.js
              
Passed
url: https://google-analytics.com/urchin.js
passed: true
Failed
url: https://google-analytics.com/urchin.js
passed: false
Passed
url: https://google-analytics.com/urchin.js
passed: true
Failed
url: https://google-analytics.com/urchin.js
passed: false
Failed
url: https://google-analytics.com/urchin.js
passed: false
Failed
url: https://google-analytics.com/urchin.js
passed: false
Failed
url: https://google-analytics.com/urchin.js
passed: false
Failed
url: https://google-analytics.com/urchin.js
passed: false
Failed
url: https://google-analytics.com/urchin.js
passed: false
Google Tag Manager
Tests whether the browser blocks the page from loading the tracker at https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
              
Passed
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
passed: true
Failed
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
passed: false
Passed
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
passed: true
Failed
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
passed: false
Failed
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
passed: false
Failed
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
passed: false
Failed
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
passed: false
Failed
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
passed: false
Failed
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
passed: false
Index Exchange
Tests whether the browser blocks the page from loading the tracker at https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
              
Passed
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
passed: true
Failed
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
passed: false
Passed
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
passed: true
Failed
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
passed: false
Failed
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
passed: false
Failed
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
passed: false
Failed
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
passed: false
Failed
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
passed: false
Failed
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
passed: false
New Relic
Tests whether the browser blocks the page from loading the tracker at https://js-agent.newrelic.com/nr-1212.min.js
              
Passed
url: https://js-agent.newrelic.com/nr-1212.min.js
passed: true
Failed
url: https://js-agent.newrelic.com/nr-1212.min.js
passed: false
Passed
url: https://js-agent.newrelic.com/nr-1212.min.js
passed: true
Failed
url: https://js-agent.newrelic.com/nr-1212.min.js
passed: false
Failed
url: https://js-agent.newrelic.com/nr-1212.min.js
passed: false
Failed
url: https://js-agent.newrelic.com/nr-1212.min.js
passed: false
Failed
url: https://js-agent.newrelic.com/nr-1212.min.js
passed: false
Failed
url: https://js-agent.newrelic.com/nr-1212.min.js
passed: false
Failed
url: https://js-agent.newrelic.com/nr-1212.min.js
passed: false
Quantcast
Tests whether the browser blocks the page from loading the tracker at https://pixel.quantserve.com/pixel
              
Passed
url: https://pixel.quantserve.com/pixel
passed: true
Failed
url: https://pixel.quantserve.com/pixel
passed: false
Passed
url: https://pixel.quantserve.com/pixel
passed: true
Failed
url: https://pixel.quantserve.com/pixel
passed: false
Failed
url: https://pixel.quantserve.com/pixel
passed: false
Failed
url: https://pixel.quantserve.com/pixel
passed: false
Failed
url: https://pixel.quantserve.com/pixel
passed: false
Failed
url: https://pixel.quantserve.com/pixel
passed: false
Failed
url: https://pixel.quantserve.com/pixel
passed: false
Scorecard Research Beacon
Tests whether the browser blocks the page from loading the tracker at https://sb.scorecardresearch.com/internal-c2/default/cs.js
              
Passed
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
passed: true
Failed
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
passed: false
Passed
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
passed: true
Failed
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
passed: false
Failed
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
passed: false
Failed
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
passed: false
Failed
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
passed: false
Failed
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
passed: false
Failed
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
passed: false
Taboola
Tests whether the browser blocks the page from loading the tracker at https://trc.taboola.com/futureplc-tomsguide/trc/3/json
              
Passed
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
passed: true
Failed
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
passed: false
Passed
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
passed: true
Failed
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
passed: false
Failed
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
passed: false
Failed
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
passed: false
Failed
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
passed: false
Failed
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
passed: false
Failed
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
passed: false
Twitter pixel
Tests whether the browser blocks the page from loading the tracker at https://t.co/i/adsct
              
Passed
url: https://t.co/i/adsct
passed: true
Failed
url: https://t.co/i/adsct
passed: false
Passed
url: https://t.co/i/adsct
passed: true
Failed
url: https://t.co/i/adsct
passed: false
Failed
url: https://t.co/i/adsct
passed: false
Failed
url: https://t.co/i/adsct
passed: false
Failed
url: https://t.co/i/adsct
passed: false
Failed
url: https://t.co/i/adsct
passed: false
Failed
url: https://t.co/i/adsct
passed: false
Yandex Ads
Tests whether the browser blocks the page from loading the tracker at https://yandex.ru/ads/system/header-bidding.js
              
Passed
url: https://yandex.ru/ads/system/header-bidding.js
passed: true
Failed
url: https://yandex.ru/ads/system/header-bidding.js
passed: false
Passed
url: https://yandex.ru/ads/system/header-bidding.js
passed: true
Failed
url: https://yandex.ru/ads/system/header-bidding.js
passed: false
Failed
url: https://yandex.ru/ads/system/header-bidding.js
passed: false
Failed
url: https://yandex.ru/ads/system/header-bidding.js
passed: false
Failed
url: https://yandex.ru/ads/system/header-bidding.js
passed: false
Failed
url: https://yandex.ru/ads/system/header-bidding.js
passed: false
Failed
url: https://yandex.ru/ads/system/header-bidding.js
passed: false
Tracking cookie protection testsWhich browsers block important known tracking cookies?
A large fraction of web pages on the web have hidden third-party trackers that read and write cookies in your browser. These cookies can be used to track your browsing across websites. This section checks to see if a browser stops cross-site tracking by cookies from 20 of the largest trackers listed by https://whotracks.me.`,
        
Adobe
Tests whether the browser stops cookies from munchkin.marketo.net from tracking users across websites.
              
Passed
passed: true
url: https://munchkin.marketo.net/munchkin.js
cookieFound: false
Failed
passed: false
url: https://munchkin.marketo.net/munchkin.js
cookieFound: true
Passed
passed: true
url: https://munchkin.marketo.net/munchkin.js
cookieFound: false
Passed
passed: true
url: https://munchkin.marketo.net/munchkin.js
cookieFound: false
Passed
passed: true
url: https://munchkin.marketo.net/munchkin.js
cookieFound: false
Failed
passed: false
url: https://munchkin.marketo.net/munchkin.js
cookieFound: true
Passed
passed: true
url: https://munchkin.marketo.net/munchkin.js
cookieFound: false
Passed
passed: true
url: https://munchkin.marketo.net/munchkin.js
cookieFound: false
Failed
passed: false
url: https://munchkin.marketo.net/munchkin.js
cookieFound: true
Adobe Audience Manager
Tests whether the browser stops cookies from dpm.demdex.net from tracking users across websites.
              
Passed
passed: true
url: https://dpm.demdex.net/ibs
cookieFound: false
Failed
passed: false
url: https://dpm.demdex.net/ibs
cookieFound: true
Passed
passed: true
url: https://dpm.demdex.net/ibs
cookieFound: false
Passed
passed: true
url: https://dpm.demdex.net/ibs
cookieFound: false
Passed
passed: true
url: https://dpm.demdex.net/ibs
cookieFound: false
Failed
passed: false
url: https://dpm.demdex.net/ibs
cookieFound: true
Passed
passed: true
url: https://dpm.demdex.net/ibs
cookieFound: false
Passed
passed: true
url: https://dpm.demdex.net/ibs
cookieFound: false
Failed
passed: false
url: https://dpm.demdex.net/ibs
cookieFound: true
Amazon adsystem
Tests whether the browser stops cookies from s.amazon-adsystem.com from tracking users across websites.
              
Passed
passed: true
url: https://s.amazon-adsystem.com/dcm
cookieFound: false
Failed
passed: false
url: https://s.amazon-adsystem.com/dcm
cookieFound: true
Passed
passed: true
url: https://s.amazon-adsystem.com/dcm
cookieFound: false
Passed
passed: true
url: https://s.amazon-adsystem.com/dcm
cookieFound: false
Passed
passed: true
url: https://s.amazon-adsystem.com/dcm
cookieFound: false
Failed
passed: false
url: https://s.amazon-adsystem.com/dcm
cookieFound: true
Passed
passed: true
url: https://s.amazon-adsystem.com/dcm
cookieFound: false
Passed
passed: true
url: https://s.amazon-adsystem.com/dcm
cookieFound: false
Failed
passed: false
url: https://s.amazon-adsystem.com/dcm
cookieFound: true
AppNexus
Tests whether the browser stops cookies from ib.adnxs.com from tracking users across websites.
              
Passed
passed: true
url: https://ib.adnxs.com/px?id=178248&t=1
cookieFound: false
Failed
passed: false
url: https://ib.adnxs.com/px?id=178248&t=1
cookieFound: true
Passed
passed: true
url: https://ib.adnxs.com/px?id=178248&t=1
cookieFound: false
Failed
passed: false
url: https://ib.adnxs.com/px?id=178248&t=1
cookieFound: true
Passed
passed: true
url: https://ib.adnxs.com/px?id=178248&t=1
cookieFound: false
Failed
passed: false
url: https://ib.adnxs.com/px?id=178248&t=1
cookieFound: true
Passed
passed: true
url: https://ib.adnxs.com/px?id=178248&t=1
cookieFound: false
Passed
passed: true
url: https://ib.adnxs.com/px?id=178248&t=1
cookieFound: false
Failed
passed: false
url: https://ib.adnxs.com/px?id=178248&t=1
cookieFound: true
Bing Ads
Tests whether the browser stops cookies from bat.bing.com from tracking users across websites.
              
Passed
passed: true
url: https://bat.bing.com/bat.js
cookieFound: false
Failed
passed: false
url: https://bat.bing.com/bat.js
cookieFound: true
Passed
passed: true
url: https://bat.bing.com/bat.js
cookieFound: false
Failed
passed: false
url: https://bat.bing.com/bat.js
cookieFound: true
Passed
passed: true
url: https://bat.bing.com/bat.js
cookieFound: false
Failed
passed: false
url: https://bat.bing.com/bat.js
cookieFound: true
Passed
passed: true
url: https://bat.bing.com/bat.js
cookieFound: false
Passed
passed: true
url: https://bat.bing.com/bat.js
cookieFound: false
Failed
passed: false
url: https://bat.bing.com/bat.js
cookieFound: true
Chartbeat
Tests whether the browser stops cookies from static.chartbeat.com from tracking users across websites.
              
Passed
passed: true
url: https://static.chartbeat.com/js/chartbeat.js
cookieFound: false
Failed
passed: false
url: https://static.chartbeat.com/js/chartbeat.js
cookieFound: true
Passed
passed: true
url: https://static.chartbeat.com/js/chartbeat.js
cookieFound: false
Failed
passed: false
url: https://static.chartbeat.com/js/chartbeat.js
cookieFound: true
Passed
passed: true
url: https://static.chartbeat.com/js/chartbeat.js
cookieFound: false
Failed
passed: false
url: https://static.chartbeat.com/js/chartbeat.js
cookieFound: true
Passed
passed: true
url: https://static.chartbeat.com/js/chartbeat.js
cookieFound: false
Passed
passed: true
url: https://static.chartbeat.com/js/chartbeat.js
cookieFound: false
Failed
passed: false
url: https://static.chartbeat.com/js/chartbeat.js
cookieFound: true
Criteo
Tests whether the browser stops cookies from dis.criteo.com from tracking users across websites.
              
Passed
passed: true
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
cookieFound: false
Failed
passed: false
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
cookieFound: true
Passed
passed: true
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
cookieFound: false
Passed
passed: true
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
cookieFound: false
Passed
passed: true
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
cookieFound: false
Failed
passed: false
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
cookieFound: true
Passed
passed: true
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
cookieFound: false
Passed
passed: true
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
cookieFound: false
Failed
passed: false
url: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx
cookieFound: true
DoubleClick (Google)
Tests whether the browser stops cookies from securepubads.g.doubleclick.net from tracking users across websites.
              
Passed
passed: true
url: https://securepubads.g.doubleclick.net/static/glade.js
cookieFound: false
Failed
passed: false
url: https://securepubads.g.doubleclick.net/static/glade.js
cookieFound: true
Passed
passed: true
url: https://securepubads.g.doubleclick.net/static/glade.js
cookieFound: false
Passed
passed: true
url: https://securepubads.g.doubleclick.net/static/glade.js
cookieFound: false
Passed
passed: true
url: https://securepubads.g.doubleclick.net/static/glade.js
cookieFound: false
Failed
passed: false
url: https://securepubads.g.doubleclick.net/static/glade.js
cookieFound: true
Passed
passed: true
url: https://securepubads.g.doubleclick.net/static/glade.js
cookieFound: false
Passed
passed: true
url: https://securepubads.g.doubleclick.net/static/glade.js
cookieFound: false
Failed
passed: false
url: https://securepubads.g.doubleclick.net/static/glade.js
cookieFound: true
Facebook tracking
Tests whether the browser stops cookies from connect.facebook.net from tracking users across websites.
              
Passed
passed: true
url: https://connect.facebook.net/en_US/fbevents.js
cookieFound: false
Failed
passed: false
url: https://connect.facebook.net/en_US/fbevents.js
cookieFound: true
Passed
passed: true
url: https://connect.facebook.net/en_US/fbevents.js
cookieFound: false
Passed
passed: true
url: https://connect.facebook.net/en_US/fbevents.js
cookieFound: false
Passed
passed: true
url: https://connect.facebook.net/en_US/fbevents.js
cookieFound: false
Failed
passed: false
url: https://connect.facebook.net/en_US/fbevents.js
cookieFound: true
Passed
passed: true
url: https://connect.facebook.net/en_US/fbevents.js
cookieFound: false
Passed
passed: true
url: https://connect.facebook.net/en_US/fbevents.js
cookieFound: false
Failed
passed: false
url: https://connect.facebook.net/en_US/fbevents.js
cookieFound: true
Google (third-party ad pixel)
Tests whether the browser stops cookies from www.google.com from tracking users across websites.
              
Passed
passed: true
url: https://www.google.com/pagead/1p-user-list/
cookieFound: false
Failed
passed: false
url: https://www.google.com/pagead/1p-user-list/
cookieFound: true
Passed
passed: true
url: https://www.google.com/pagead/1p-user-list/
cookieFound: false
Passed
passed: true
url: https://www.google.com/pagead/1p-user-list/
cookieFound: false
Passed
passed: true
url: https://www.google.com/pagead/1p-user-list/
cookieFound: false
Failed
passed: false
url: https://www.google.com/pagead/1p-user-list/
cookieFound: true
Passed
passed: true
url: https://www.google.com/pagead/1p-user-list/
cookieFound: false
Passed
passed: true
url: https://www.google.com/pagead/1p-user-list/
cookieFound: false
Failed
passed: false
url: https://www.google.com/pagead/1p-user-list/
cookieFound: true
Google Analytics
Tests whether the browser stops cookies from google-analytics.com from tracking users across websites.
              
Passed
passed: true
url: https://google-analytics.com/urchin.js
cookieFound: false
Failed
passed: false
url: https://google-analytics.com/urchin.js
cookieFound: true
Passed
passed: true
url: https://google-analytics.com/urchin.js
cookieFound: false
Failed
passed: false
url: https://google-analytics.com/urchin.js
cookieFound: true
Passed
passed: true
url: https://google-analytics.com/urchin.js
cookieFound: false
Failed
passed: false
url: https://google-analytics.com/urchin.js
cookieFound: true
Passed
passed: true
url: https://google-analytics.com/urchin.js
cookieFound: false
Passed
passed: true
url: https://google-analytics.com/urchin.js
cookieFound: false
Failed
passed: false
url: https://google-analytics.com/urchin.js
cookieFound: true
Google Tag Manager
Tests whether the browser stops cookies from www.googletagmanager.com from tracking users across websites.
              
Passed
passed: true
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
cookieFound: false
Failed
passed: false
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
cookieFound: true
Passed
passed: true
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
cookieFound: false
Failed
passed: false
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
cookieFound: true
Passed
passed: true
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
cookieFound: false
Failed
passed: false
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
cookieFound: true
Passed
passed: true
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
cookieFound: false
Passed
passed: true
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
cookieFound: false
Failed
passed: false
url: https://www.googletagmanager.com/gtag.js?id=GTM-NX4SMZL
cookieFound: true
Index Exchange
Tests whether the browser stops cookies from dsum-sec.casalemedia.com from tracking users across websites.
              
Passed
passed: true
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
cookieFound: false
Failed
passed: false
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
cookieFound: true
Passed
passed: true
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
cookieFound: false
Passed
passed: true
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
cookieFound: false
Passed
passed: true
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
cookieFound: false
Failed
passed: false
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
cookieFound: true
Passed
passed: true
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
cookieFound: false
Passed
passed: true
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
cookieFound: false
Failed
passed: false
url: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=629685505537&C=1
cookieFound: true
New Relic
Tests whether the browser stops cookies from js-agent.newrelic.com from tracking users across websites.
              
Passed
passed: true
url: https://js-agent.newrelic.com/nr-1212.min.js
cookieFound: false
Failed
passed: false
url: https://js-agent.newrelic.com/nr-1212.min.js
cookieFound: true
Passed
passed: true
url: https://js-agent.newrelic.com/nr-1212.min.js
cookieFound: false
Failed
passed: false
url: https://js-agent.newrelic.com/nr-1212.min.js
cookieFound: true
Passed
passed: true
url: https://js-agent.newrelic.com/nr-1212.min.js
cookieFound: false
Failed
passed: false
url: https://js-agent.newrelic.com/nr-1212.min.js
cookieFound: true
Passed
passed: true
url: https://js-agent.newrelic.com/nr-1212.min.js
cookieFound: false
Passed
passed: true
url: https://js-agent.newrelic.com/nr-1212.min.js
cookieFound: false
Failed
passed: false
url: https://js-agent.newrelic.com/nr-1212.min.js
cookieFound: true
Quantcast
Tests whether the browser stops cookies from pixel.quantserve.com from tracking users across websites.
              
Passed
passed: true
url: https://pixel.quantserve.com/pixel
cookieFound: false
Failed
passed: false
url: https://pixel.quantserve.com/pixel
cookieFound: true
Passed
passed: true
url: https://pixel.quantserve.com/pixel
cookieFound: false
Passed
passed: true
url: https://pixel.quantserve.com/pixel
cookieFound: false
Passed
passed: true
url: https://pixel.quantserve.com/pixel
cookieFound: false
Failed
passed: false
url: https://pixel.quantserve.com/pixel
cookieFound: true
Passed
passed: true
url: https://pixel.quantserve.com/pixel
cookieFound: false
Passed
passed: true
url: https://pixel.quantserve.com/pixel
cookieFound: false
Failed
passed: false
url: https://pixel.quantserve.com/pixel
cookieFound: true
Scorecard Research Beacon
Tests whether the browser stops cookies from sb.scorecardresearch.com from tracking users across websites.
              
Passed
passed: true
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
cookieFound: false
Failed
passed: false
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
cookieFound: true
Passed
passed: true
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
cookieFound: false
Failed
passed: false
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
cookieFound: true
Passed
passed: true
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
cookieFound: false
Failed
passed: false
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
cookieFound: true
Passed
passed: true
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
cookieFound: false
Passed
passed: true
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
cookieFound: false
Failed
passed: false
url: https://sb.scorecardresearch.com/internal-c2/default/cs.js
cookieFound: true
Taboola
Tests whether the browser stops cookies from trc.taboola.com from tracking users across websites.
              
Passed
passed: true
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
cookieFound: false
Failed
passed: false
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
cookieFound: true
Passed
passed: true
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
cookieFound: false
Passed
passed: true
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
cookieFound: false
Passed
passed: true
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
cookieFound: false
Failed
passed: false
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
cookieFound: true
Passed
passed: true
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
cookieFound: false
Passed
passed: true
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
cookieFound: false
Failed
passed: false
url: https://trc.taboola.com/futureplc-tomsguide/trc/3/json
cookieFound: true
Twitter pixel
Tests whether the browser stops cookies from t.co from tracking users across websites.
              
Passed
passed: true
url: https://t.co/i/adsct
cookieFound: false
Failed
passed: false
url: https://t.co/i/adsct
cookieFound: true
Passed
passed: true
url: https://t.co/i/adsct
cookieFound: false
Failed
passed: false
url: https://t.co/i/adsct
cookieFound: true
Passed
passed: true
url: https://t.co/i/adsct
cookieFound: false
Failed
passed: false
url: https://t.co/i/adsct
cookieFound: true
Passed
passed: true
url: https://t.co/i/adsct
cookieFound: false
Passed
passed: true
url: https://t.co/i/adsct
cookieFound: false
Failed
passed: false
url: https://t.co/i/adsct
cookieFound: true
Yandex Ads
Tests whether the browser stops cookies from yandex.ru from tracking users across websites.
              
Passed
passed: true
url: https://yandex.ru/ads/system/header-bidding.js
cookieFound: false
Failed
passed: false
url: https://yandex.ru/ads/system/header-bidding.js
cookieFound: true
Passed
passed: true
url: https://yandex.ru/ads/system/header-bidding.js
cookieFound: false
Passed
passed: true
url: https://yandex.ru/ads/system/header-bidding.js
cookieFound: false
Passed
passed: true
url: https://yandex.ru/ads/system/header-bidding.js
cookieFound: false
Failed
passed: false
url: https://yandex.ru/ads/system/header-bidding.js
cookieFound: true
Passed
passed: true
url: https://yandex.ru/ads/system/header-bidding.js
cookieFound: false
Passed
passed: true
url: https://yandex.ru/ads/system/header-bidding.js
cookieFound: false
Failed
passed: false
url: https://yandex.ru/ads/system/header-bidding.js
cookieFound: true
Cross-session first-party tracking testsWhich browsers prevent websites from tracking you across browser sessions?
A common vulnerability of web browsers is that they allow websites ("first parties") to 'tag' your browser with some tracking data. This tag can be used to re-identify you when you return to a website you visited before. This category of leaks can be prevented by browser if they clean or isolate data between browser sessions. (In cases where a user has logged into a website or entered detailed information, it may be justifiable for a browser to retain information across sessions. These tests check when no such justification exists: when you have entered no significant information into a website, will the browser still retain data that allows you to be tracked across sessions?)
        
Alt-Svc
Alt-Svc allows the server to indicate to the web browser that a resource should be loaded on a different server. Because this is a persistent setting, it could be used to track users across websites if it is not correctly partitioned.
              
Failed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h3

unsupported: false

passed: false

test failed: false
Failed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h3

unsupported: false

passed: false

test failed: false
Passed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h2

unsupported: false

passed: true

test failed: false
Failed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h3

unsupported: false

passed: false

test failed: false
Failed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h3

unsupported: false

passed: false

test failed: false
Failed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h3

unsupported: false

passed: false

test failed: false
Unsupported
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h2

result, different session: h3

unsupported: true

passed: undefined

test failed: false
Unsupported
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h2

result, different session: h2

unsupported: true

passed: undefined

test failed: false
Failed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h3

unsupported: false

passed: false

test failed: false
CacheStorage
The Cache API is a content storage mechanism originally introduced to support ServiceWorkers. If the same Cache object is accessible to multiple websites, it can be abused to track users.
              
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_1p

result, different session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_1p

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: eac80989-abd5-4d75-ab7d-bc4b3f378167_1p

result, different session: eac80989-abd5-4d75-ab7d-bc4b3f378167_1p

unsupported: false

passed: false

test failed: false
Passed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: 8dcf3049-0641-4832-bc66-2373dea8b2ff_1p

result, different session: Error: undefined is not an object (evaluating 'cacheKeys[0].url')

unsupported: false

passed: true

test failed: false
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_1p

result, different session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_1p

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: eb0dda01-983e-40e8-b21b-217f51793243_1p

result, different session: eb0dda01-983e-40e8-b21b-217f51793243_1p

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: e91cf262-3db2-4ce2-9312-b912493f0ef0_1p

result, different session: e91cf262-3db2-4ce2-9312-b912493f0ef0_1p

unsupported: false

passed: false

test failed: false
Unsupported
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: Error: Failed reading data from the file system

result, different session: Error: Failed reading data from the file system

unsupported: true

passed: undefined

test failed: false
Unsupported
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: Error: The operation is insecure.

result, different session: Error: The operation is insecure.

unsupported: true

passed: undefined

test failed: false
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_1p

result, different session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_1p

unsupported: false

passed: false

test failed: false
cookie (HTTP)
The cookie, first introduced by Netscape in 1994, is a small amount of data stored by your browser on a website's behalf. It has legitimate uses, but it is also the classic cross-site tracking mechanism, and today still the most popular method of tracking users across websites. Browsers can stop cookies from being used for cross-site tracking by either blocking or partitioning them.
              
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_1p_http

result, different session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_1p_http

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: eac80989-abd5-4d75-ab7d-bc4b3f378167_1p_http

result, different session: eac80989-abd5-4d75-ab7d-bc4b3f378167_1p_http

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: 8dcf3049-0641-4832-bc66-2373dea8b2ff_1p_http

result, different session: 8dcf3049-0641-4832-bc66-2373dea8b2ff_1p_http

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_1p_http

result, different session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_1p_http

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: eb0dda01-983e-40e8-b21b-217f51793243_1p_http

result, different session: eb0dda01-983e-40e8-b21b-217f51793243_1p_http

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: e91cf262-3db2-4ce2-9312-b912493f0ef0_1p_http

result, different session: e91cf262-3db2-4ce2-9312-b912493f0ef0_1p_http

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: e54f56ee-527d-4b84-847f-9120b105376f_1p_http

result, different session: e54f56ee-527d-4b84-847f-9120b105376f_1p_http

unsupported: false

passed: false

test failed: false
Passed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: 80df2b1d-cc96-4f9a-8af8-418737aa9557_1p_http

result, different session: null

unsupported: false

passed: true

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_1p_http

result, different session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_1p_http

unsupported: false

passed: false

test failed: false
cookie (JS)
The cookie, first introduced by Netscape in 1994, is a small amount of data stored by your browser on a website's behalf. It has legitimate uses, but it is also the classic cross-site tracking mechanism, and today still the most popular method of tracking users across websites. Browsers can stop cookies from being used for cross-site tracking by either blocking or partitioning them.
              
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_1p_js

result, different session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_1p_js

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: eac80989-abd5-4d75-ab7d-bc4b3f378167_1p_js

result, different session: eac80989-abd5-4d75-ab7d-bc4b3f378167_1p_js

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: 8dcf3049-0641-4832-bc66-2373dea8b2ff_1p_js

result, different session: null

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_1p_js

result, different session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_1p_js

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: eb0dda01-983e-40e8-b21b-217f51793243_1p_js

result, different session: eb0dda01-983e-40e8-b21b-217f51793243_1p_js

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: e91cf262-3db2-4ce2-9312-b912493f0ef0_1p_js

result, different session: e91cf262-3db2-4ce2-9312-b912493f0ef0_1p_js

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: e54f56ee-527d-4b84-847f-9120b105376f_1p_js

result, different session: e54f56ee-527d-4b84-847f-9120b105376f_1p_js

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: 80df2b1d-cc96-4f9a-8af8-418737aa9557_1p_js

result, different session: null

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_1p_js

result, different session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_1p_js

unsupported: false

passed: false

test failed: false
CookieStore
The Cookie Store API is an alternative asynchronous API for managing cookies, supported by some browsers.
              
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_1p

result, different session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_1p

unsupported: false

passed: false

test failed: false
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: eac80989-abd5-4d75-ab7d-bc4b3f378167_1p

result, different session: eac80989-abd5-4d75-ab7d-bc4b3f378167_1p

unsupported: false

passed: false

test failed: false
Unsupported
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: Error: Unsupported

result, different session: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_1p

result, different session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_1p

unsupported: false

passed: false

test failed: false
Unsupported
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: Error: Unsupported

result, different session: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: e91cf262-3db2-4ce2-9312-b912493f0ef0_1p

result, different session: e91cf262-3db2-4ce2-9312-b912493f0ef0_1p

unsupported: false

passed: false

test failed: false
Unsupported
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: Error: Unsupported

result, different session: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Unsupported
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: Error: Unsupported

result, different session: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_1p

result, different session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_1p

unsupported: false

passed: false

test failed: false
CSS cache
CSS stylesheets are cached, and if that cache is shared between websites, it can be used to track users across sites.
              
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_7874627047609934

result, different session: fake_7874627047609934

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_46435514990582627

result, different session: fake_46435514990582627

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_05074008774456429

result, different session: fake_05074008774456429

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_44795063423598

result, different session: fake_44795063423598

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_5444769045116449

result, different session: fake_5444769045116449

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_07743221482212781

result, different session: fake_07743221482212781

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_1617914929183284

result, different session: fake_1617914929183284

unsupported: false

passed: false

test failed: false
Passed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_05217536698321945

result, different session: fake_688707112546648

unsupported: false

passed: true

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_25904896503836516

result, different session: fake_25904896503836516

unsupported: false

passed: false

test failed: false
favicon cache
A favicon is an icon that represents a website, typically shown in browser tab and bookmarks menu. If the favicon cache is not partitioned, it can be used to track users across websites.
              
Unsupported
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: Error: Failed to fetch

result, different session: 1

unsupported: true

passed: undefined

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 2

result, different session: 2

unsupported: false

passed: false

test failed: false
fetch cache
When a resource is received via the Fetch API, it is frequently cached. That cache can potentially be abused for cross-site tracking.
              
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
font cache
Web fonts are sometimes stored in their own cache, which is vulnerable to being abused for cross-site tracking.
              
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Unsupported
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: Error: Failed to fetch

result, different session: 1

unsupported: true

passed: undefined

test failed: false
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Unsupported
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: Error: Failed to fetch

result, different session: 1

unsupported: true

passed: undefined

test failed: false
iframe cache
An iframe is an element in a web page than allows websites to embed a second web page. Caching of this web page could be abused for cross-site tracking.
              
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
image cache
Caching of images in web browsers is a standard behavior. But if that cache leaks between websites, it can be abused for cross-site tracking.
              
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
indexedDB
The IndexedDB API exposes a transactional database to web pages. That database can be used to track users across websites, unless it is partitioned.
              
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_1p

result, different session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_1p

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: eac80989-abd5-4d75-ab7d-bc4b3f378167_1p

result, different session: eac80989-abd5-4d75-ab7d-bc4b3f378167_1p

unsupported: false

passed: false

test failed: false
Passed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: 8dcf3049-0641-4832-bc66-2373dea8b2ff_1p

result, different session: undefined

unsupported: false

passed: true

test failed: false
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_1p

result, different session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_1p

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: eb0dda01-983e-40e8-b21b-217f51793243_1p

result, different session: eb0dda01-983e-40e8-b21b-217f51793243_1p

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: e91cf262-3db2-4ce2-9312-b912493f0ef0_1p

result, different session: e91cf262-3db2-4ce2-9312-b912493f0ef0_1p

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: e54f56ee-527d-4b84-847f-9120b105376f_1p

result, different session: e54f56ee-527d-4b84-847f-9120b105376f_1p

unsupported: false

passed: false

test failed: false
Passed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: 80df2b1d-cc96-4f9a-8af8-418737aa9557_1p

result, different session: undefined

unsupported: false

passed: true

test failed: false
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_1p

result, different session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_1p

unsupported: false

passed: false

test failed: false
localStorage
The localStorage API gives websites access to a key-value database that will remain available across visits. If the localStorage API is not partitioned or blocked, it can also be used to track users across websites.
              
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_1p

result, different session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_1p

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: eac80989-abd5-4d75-ab7d-bc4b3f378167_1p

result, different session: eac80989-abd5-4d75-ab7d-bc4b3f378167_1p

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: 8dcf3049-0641-4832-bc66-2373dea8b2ff_1p

result, different session: null

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_1p

result, different session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_1p

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: eb0dda01-983e-40e8-b21b-217f51793243_1p

result, different session: eb0dda01-983e-40e8-b21b-217f51793243_1p

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: e91cf262-3db2-4ce2-9312-b912493f0ef0_1p

result, different session: e91cf262-3db2-4ce2-9312-b912493f0ef0_1p

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: e54f56ee-527d-4b84-847f-9120b105376f_1p

result, different session: e54f56ee-527d-4b84-847f-9120b105376f_1p

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: 80df2b1d-cc96-4f9a-8af8-418737aa9557_1p

result, different session: null

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_1p

result, different session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_1p

unsupported: false

passed: false

test failed: false
prefetch cache
A <link rel='prefetch'...> suggests to browsers they should fetch a resource ahead of time and cache it. But if browsers don't partition this cache, it can be used to track users across websites.
              
Failed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Unsupported
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: Error: No requests received

result, different session: Error: No requests received

unsupported: true

passed: undefined

test failed: false
Failed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Unsupported
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: Error: No requests received

result, different session: Error: No requests received

unsupported: true

passed: undefined

test failed: false
Unsupported
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: Error: No requests received

result, different session: Error: No requests received

unsupported: true

passed: undefined

test failed: false
Failed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
script cache
Caching of scripts in web browsers is a standard behavior. But if that cache leaks between websites, it can be abused for cross-site tracking.
              
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
XMLHttpRequest cache
Similar to the newer Fetch API, any resource received may be cached by the browser. The cache is potentially vulnerable to cross-site tracking attack.
              
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Cross-session third-party tracking testsWhich browsers prevent third-party trackers from tracking you across browser sessions?
A common vulnerability of web browsers is that they allow third-party trackers to 'tag' your browser with some tracking data. This tag can be used to re-identify you when you return to a website you visited before. This category of leaks can be prevented by browser if they clean or isolate data between browser sessions. (In cases where a user has logged into a website or entered detailed information, it may be justifiable for a browser to retain information across sessions. These tests check when no such justification exists: when you have entered no significant information into a website, will the browser still retain data that allows you to be tracked across sessions?)
        
Alt-Svc
Alt-Svc allows the server to indicate to the web browser that a resource should be loaded on a different server. Because this is a persistent setting, it could be used to track users across websites if it is not correctly partitioned.
              
Failed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h3

unsupported: false

passed: false

test failed: false
Failed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h3

unsupported: false

passed: false

test failed: false
Unsupported
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h2

result, different session: h3

unsupported: true

passed: undefined

test failed: false
Failed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h3

unsupported: false

passed: false

test failed: false
Failed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h3

unsupported: false

passed: false

test failed: false
Failed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h3

unsupported: false

passed: false

test failed: false
Unsupported
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h2

result, different session: h3

unsupported: true

passed: undefined

test failed: false
Unsupported
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h2

result, different session: h2

unsupported: true

passed: undefined

test failed: false
Failed
write: async () => {
      // Clear Alt-Svc caching first.
      let responseText = "";
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/clear");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after clear:", responseText);
      // Store "h3" state in Alt-Svc cache
      for (let i = 0; i < 3; ++i) {
        await fetch(altSvcOrigin + "/set");
        await sleepMs(100);
      }
      responseText = await fetchText(altSvcOrigin + "/protocol");
      console.log("after set:", responseText);
    }

read: async () => {
      const protocol = await fetchText(altSvcOrigin + "/protocol");
      if ((new URL(location)).searchParams.get("thirdparty") === "same") {
        if (protocol !== "h3") {
          throw new Error("Unsupported");
        }
      }
      return protocol;
    }

result, same session: h3

result, different session: h3

unsupported: false

passed: false

test failed: false
CacheStorage
The Cache API is a content storage mechanism originally introduced to support ServiceWorkers. If the same Cache object is accessible to multiple websites, it can be abused to track users.
              
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_3p

result, different session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_3p

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: eac80989-abd5-4d75-ab7d-bc4b3f378167_3p

result, different session: eac80989-abd5-4d75-ab7d-bc4b3f378167_3p

unsupported: false

passed: false

test failed: false
Unsupported
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: Error: undefined is not an object (evaluating 'cacheKeys[0].url')

result, different session: Error: undefined is not an object (evaluating 'cacheKeys[0].url')

unsupported: true

passed: undefined

test failed: false
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_3p

result, different session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_3p

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: eb0dda01-983e-40e8-b21b-217f51793243_3p

result, different session: eb0dda01-983e-40e8-b21b-217f51793243_3p

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: e91cf262-3db2-4ce2-9312-b912493f0ef0_3p

result, different session: e91cf262-3db2-4ce2-9312-b912493f0ef0_3p

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: c29ade6f-6e91-4000-9582-ca243d4f2894_3p

result, different session: c29ade6f-6e91-4000-9582-ca243d4f2894_3p

unsupported: false

passed: false

test failed: false
Unsupported
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: Error: The operation is insecure.

result, different session: Error: The operation is insecure.

unsupported: true

passed: undefined

test failed: false
Failed
write: async (key) => {
      try {
        let cache = await caches.open("supercookies");
        cache.addAll([`test.css?key=${key}`]);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: async () => {
      let cache = await caches.open("supercookies");
      let cacheKeys = await cache.keys();
      let url = cacheKeys[0].url;
      return (new URL(url)).searchParams.get("key");
    }

result, same session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_3p

result, different session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_3p

unsupported: false

passed: false

test failed: false
cookie (HTTP)
The cookie, first introduced by Netscape in 1994, is a small amount of data stored by your browser on a website's behalf. It has legitimate uses, but it is also the classic cross-site tracking mechanism, and today still the most popular method of tracking users across websites. Browsers can stop cookies from being used for cross-site tracking by either blocking or partitioning them.
              
Passed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_3p_http

result, different session: null

unsupported: false

passed: true

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: eac80989-abd5-4d75-ab7d-bc4b3f378167_3p_http

result, different session: eac80989-abd5-4d75-ab7d-bc4b3f378167_3p_http

unsupported: false

passed: false

test failed: false
Unsupported
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: null

result, different session: null

unsupported: true

passed: undefined

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_3p_http

result, different session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_3p_http

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: eb0dda01-983e-40e8-b21b-217f51793243_3p_http

result, different session: eb0dda01-983e-40e8-b21b-217f51793243_3p_http

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: e91cf262-3db2-4ce2-9312-b912493f0ef0_3p_http

result, different session: e91cf262-3db2-4ce2-9312-b912493f0ef0_3p_http

unsupported: false

passed: false

test failed: false
Unsupported
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: null

result, different session: null

unsupported: true

passed: undefined

test failed: false
Unsupported
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: null

result, different session: null

unsupported: true

passed: undefined

test failed: false
Failed
write: async (secret) => {
      // Request a page that will send an HTTPOnly 'set-cookie' response header with secret value.
      await fetch(`${baseURI}cookie?secret=${secret}_http`);
    }

read: async () => {
      // Test if we now send a requests with a 'cookie' header containing the secret.
      let response = await fetch(`${baseURI}headers`);
      let cookie = (await response.json())["cookie"];
      return cookie ? cookie.match(/secret=([\w-]+)/)[1]: null;
    }

result, same session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_3p_http

result, different session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_3p_http

unsupported: false

passed: false

test failed: false
cookie (JS)
The cookie, first introduced by Netscape in 1994, is a small amount of data stored by your browser on a website's behalf. It has legitimate uses, but it is also the classic cross-site tracking mechanism, and today still the most popular method of tracking users across websites. Browsers can stop cookies from being used for cross-site tracking by either blocking or partitioning them.
              
Passed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_3p_js

result, different session: null

unsupported: false

passed: true

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: eac80989-abd5-4d75-ab7d-bc4b3f378167_3p_js

result, different session: eac80989-abd5-4d75-ab7d-bc4b3f378167_3p_js

unsupported: false

passed: false

test failed: false
Unsupported
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: null

result, different session: null

unsupported: true

passed: undefined

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_3p_js

result, different session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_3p_js

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: eb0dda01-983e-40e8-b21b-217f51793243_3p_js

result, different session: eb0dda01-983e-40e8-b21b-217f51793243_3p_js

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: e91cf262-3db2-4ce2-9312-b912493f0ef0_3p_js

result, different session: e91cf262-3db2-4ce2-9312-b912493f0ef0_3p_js

unsupported: false

passed: false

test failed: false
Unsupported
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: null

result, different session: null

unsupported: true

passed: undefined

test failed: false
Unsupported
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: null

result, different session: null

unsupported: true

passed: undefined

test failed: false
Failed
write: (secret) => {
      document.cookie = `secret=${secret}_js; max-age=3600; SameSite=None; Secure`;
    }

read: () => document.cookie ? document.cookie.match(/secret=([\w-]+)/)[1] : null

result, same session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_3p_js

result, different session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_3p_js

unsupported: false

passed: false

test failed: false
CookieStore
The Cookie Store API is an alternative asynchronous API for managing cookies, supported by some browsers.
              
Passed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_3p

result, different session: null

unsupported: false

passed: true

test failed: false
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: eac80989-abd5-4d75-ab7d-bc4b3f378167_3p

result, different session: eac80989-abd5-4d75-ab7d-bc4b3f378167_3p

unsupported: false

passed: false

test failed: false
Unsupported
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: Error: Unsupported

result, different session: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_3p

result, different session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_3p

unsupported: false

passed: false

test failed: false
Unsupported
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: Error: Unsupported

result, different session: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: e91cf262-3db2-4ce2-9312-b912493f0ef0_3p

result, different session: e91cf262-3db2-4ce2-9312-b912493f0ef0_3p

unsupported: false

passed: false

test failed: false
Unsupported
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: Error: Unsupported

result, different session: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Unsupported
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: Error: Unsupported

result, different session: Error: Unsupported

unsupported: true

passed: undefined

test failed: false
Failed
write: (data) => {
      const msPerHour = 60 * 60 * 1000;
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      window.cookieStore.set({
        name: "partition_test",
        value: data,
        expires: Date.now() + msPerHour,
        sameSite: "none"
      });
    }

read: async () => {
      if (!window.cookieStore) {
        throw new Error("Unsupported");
      }
      const cookie = await window.cookieStore.get("partition_test");
      if (!cookie) {
        return null;
      }
      return cookie.value;
    }

result, same session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_3p

result, different session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_3p

unsupported: false

passed: false

test failed: false
CSS cache
CSS stylesheets are cached, and if that cache is shared between websites, it can be used to track users across sites.
              
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_5670925018311572

result, different session: fake_5670925018311572

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_4150730120744297

result, different session: fake_4150730120744297

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_7429052136396279

result, different session: fake_7429052136396279

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_7221522415872998

result, different session: fake_7221522415872998

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_8170554612828678

result, different session: fake_8170554612828678

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_5966791259768218

result, different session: fake_5966791259768218

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_9475647907685694

result, different session: fake_9475647907685694

unsupported: false

passed: false

test failed: false
Passed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_9497429960602763

result, different session: fake_6845812176349395

unsupported: false

passed: true

test failed: false
Failed
write: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return key;
    }

read: async (key) => {
      const href = testURI("resource", "css", key);
      const head = document.getElementsByTagName("head")[0];
      head.innerHTML += `<link type="text/css" rel="stylesheet" href="${href}">`;
      const testElement = document.querySelector("#css");
      let fontFamily;
      while (true) {
        await sleepMs(100);
        fontFamily = getComputedStyle(testElement).fontFamily;
        if (fontFamily.startsWith("fake")) {
          break;
        }
      }
      console.log(fontFamily);
      return fontFamily;
    }

result, same session: fake_8482089041296716

result, different session: fake_8482089041296716

unsupported: false

passed: false

test failed: false
favicon cache
A favicon is an icon that represents a website, typically shown in browser tab and bookmarks menu. If the favicon cache is not partitioned, it can be used to track users across websites.
              
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: (key) => key

read: async (key) => {
      // Wait for the favicon to load (defined in supercookies.html)
      await sleepMs(2000);
      let response = await fetch(
        testURI("ctr", "favicon", key), {"cache": "reload"});
      let count = (await response.text()).trim();
      if (count === "0") {
        throw new Error("No requests received");
      }
      return count;
    }

result, same session: 2

result, different session: 2

unsupported: false

passed: false

test failed: false
fetch cache
When a resource is received via the Fetch API, it is frequently cached. That cache can potentially be abused for cross-site tracking.
              
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      return key;
    }

read: async (key) => {
      let response = await fetch(testURI("resource", "fetch", key),
                                 {cache: "force-cache"});
      let countResponse = await fetch(testURI("ctr", "fetch", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
font cache
Web fonts are sometimes stored in their own cache, which is vulnerable to being abused for cross-site tracking.
              
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 2

result, different session: 2

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: async (key) => {
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } body { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      return key;
    }

read: async (key) => {
      const text = document.createElement("span");
      text.id = "text";
      text.innerText = "test";
      document.body.appendChild(text);
      const originalWidth = text.getBoundingClientRect().width;
      let style = document.createElement("style");
      style.type='text/css';
      let fontURI = testURI("resource", "font", key);
      style.innerHTML = `@font-face {font-family: "myFont"; src: url("${fontURI}"); } #text { font-family: "myFont" }`;
      document.getElementsByTagName("head")[0].appendChild(style);
      let newWidth;
      do {
        await sleepMs(100);
        newWidth = text.getBoundingClientRect().width;
      } while (newWidth < 0 || newWidth === originalWidth)
      let response = await fetch(
        testURI("ctr", "font", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
iframe cache
An iframe is an element in a web page than allows websites to embed a second web page. Caching of this web page could be abused for cross-site tracking.
              
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      iframe.addEventListener("load", () => resolve(key), {once: true});
      iframe.src = testURI("resource", "page", key);
    })

read: async (key) => {
      let iframe = document.createElement("iframe");
      document.body.appendChild(iframe);
      let iframeLoadPromise = new Promise((resolve, reject) => {
        iframe.addEventListener("load", resolve, {once: true});
      });
      let address = testURI("resource", "page", key);
      iframe.src = address;
      await iframeLoadPromise;
      let response = await fetch(
        testURI("ctr", "page", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
image cache
Caching of images in web browsers is a standard behavior. But if that cache leaks between websites, it can be abused for cross-site tracking.
              
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      img.addEventListener("load", () => resolve(key), {once: true});
      img.src = testURI("resource", "image", key);
    })

read: async (key) => {
      let img = document.createElement("img");
      document.body.appendChild(img);
      let imgLoadPromise = new Promise((resolve, reject) => {
        img.addEventListener("load", resolve, {once: true});
      });
      img.src = testURI("resource", "image", key);
      await imgLoadPromise;
      let response = await fetch(
        testURI("ctr", "image", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
indexedDB
The IndexedDB API exposes a transactional database to web pages. That database can be used to track users across websites, unless it is partitioned.
              
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_3p

result, different session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_3p

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: eac80989-abd5-4d75-ab7d-bc4b3f378167_3p

result, different session: eac80989-abd5-4d75-ab7d-bc4b3f378167_3p

unsupported: false

passed: false

test failed: false
Unsupported
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: undefined

result, different session: undefined

unsupported: true

passed: undefined

test failed: false
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_3p

result, different session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_3p

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: eb0dda01-983e-40e8-b21b-217f51793243_3p

result, different session: eb0dda01-983e-40e8-b21b-217f51793243_3p

unsupported: false

passed: false

test failed: false
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: e91cf262-3db2-4ce2-9312-b912493f0ef0_3p

result, different session: e91cf262-3db2-4ce2-9312-b912493f0ef0_3p

unsupported: false

passed: false

test failed: false
Passed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: e54f56ee-527d-4b84-847f-9120b105376f_3p

result, different session: undefined

unsupported: false

passed: true

test failed: false
Unsupported
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: Error: The operation is insecure.

result, different session: Error: The operation is insecure.

unsupported: true

passed: undefined

test failed: false
Failed
write: async (secret) => {
      try {
        return await IdbKeyVal.set("secret", secret);
      } catch (e) {
        throw new Error("Unsupported");
      }
    }

read: () => IdbKeyVal.get("secret")

result, same session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_3p

result, different session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_3p

unsupported: false

passed: false

test failed: false
localStorage
The localStorage API gives websites access to a key-value database that will remain available across visits. If the localStorage API is not partitioned or blocked, it can also be used to track users across websites.
              
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_3p

result, different session: f7e729f7-9e22-4b1b-baa7-038cdd2b7466_3p

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: eac80989-abd5-4d75-ab7d-bc4b3f378167_3p

result, different session: eac80989-abd5-4d75-ab7d-bc4b3f378167_3p

unsupported: false

passed: false

test failed: false
Unsupported
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: null

result, different session: null

unsupported: true

passed: undefined

test failed: false
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_3p

result, different session: 25ffccc7-68bd-4d2f-86e0-8a0bb87be277_3p

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: eb0dda01-983e-40e8-b21b-217f51793243_3p

result, different session: eb0dda01-983e-40e8-b21b-217f51793243_3p

unsupported: false

passed: false

test failed: false
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: e91cf262-3db2-4ce2-9312-b912493f0ef0_3p

result, different session: e91cf262-3db2-4ce2-9312-b912493f0ef0_3p

unsupported: false

passed: false

test failed: false
Passed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: e54f56ee-527d-4b84-847f-9120b105376f_3p

result, different session: null

unsupported: false

passed: true

test failed: false
Unsupported
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: Error: The operation is insecure.

result, different session: Error: The operation is insecure.

unsupported: true

passed: undefined

test failed: false
Failed
write: (secret) => localStorage.setItem("secret", secret)

read: () => localStorage.getItem("secret")

result, same session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_3p

result, different session: 5c4b21b3-6581-43d2-8006-dc5d38ff986b_3p

unsupported: false

passed: false

test failed: false
prefetch cache
A <link rel='prefetch'...> suggests to browsers they should fetch a resource ahead of time and cache it. But if browsers don't partition this cache, it can be used to track users across websites.
              
Failed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Unsupported
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: Error: No requests received

result, different session: Error: No requests received

unsupported: true

passed: undefined

test failed: false
Failed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Unsupported
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: Error: No requests received

result, different session: Error: No requests received

unsupported: true

passed: undefined

test failed: false
Failed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Unsupported
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: Error: No requests received

result, different session: Error: No requests received

unsupported: true

passed: undefined

test failed: false
Unsupported
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: Error: No requests received

result, different session: Error: No requests received

unsupported: true

passed: undefined

test failed: false
Failed
write: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      return key;
    }

read: async (key) => {
      let link = document.createElement("link");
      link.rel = "prefetch";
      link.href = testURI("resource", "prefetch", key);
      document.getElementsByTagName("head")[0].appendChild(link);
      await sleepMs(500);
      let response = await fetch(
        testURI("ctr", "prefetch", key), {"cache": "reload"});
      let countString = (await response.text()).trim();
      if (parseInt(countString) === 0) {
        throw new Error("No requests received");
      }
      return countString;
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
script cache
Caching of scripts in web browsers is a standard behavior. But if that cache leaks between websites, it can be abused for cross-site tracking.
              
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: (key) => new Promise((resolve, reject) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      script.addEventListener("load", () => resolve(key), {once: true});
      script.src = testURI("resource", "script", key);
    })

read: async (key) => {
      let script = document.createElement("script");
      document.body.appendChild(script);
      let scriptLoadPromise = new Promise((resolve, reject) => {
        script.addEventListener("load", resolve, {once: true});
      });
      script.src = testURI("resource", "script", key);
      await scriptLoadPromise;
      let response = await fetch(
        testURI("ctr", "script", key), {"cache": "reload"});
      return (await response.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
XMLHttpRequest cache
Similar to the newer Fetch API, any resource received may be cached by the browser. The cache is potentially vulnerable to cross-site tracking attack.
              
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
Passed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 2

unsupported: false

passed: true

test failed: false
Failed
write: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      return key;
    }

read: async (key) => {
      const req = new XMLHttpRequest();
      const loadPromise = new Promise(resolve => req.addEventListener("load", resolve));
      req.open("GET", testURI("resource", "xhr", key));
      req.send();
      await loadPromise;
      let countResponse = await fetch(testURI("ctr", "xhr", key),
                                      {cache: "reload"});
      return (await countResponse.text()).trim();
    }

result, same session: 1

result, different session: 1

unsupported: false

passed: false

test failed: false
DNS privacy testsWhich browsers keep their DNS queries encrypted?
The Domain Name System (DNS) is the method by which web browsers look up the IP address for each website you visit. In a DNS query, a web browser will ask a DNS resolver (somewhere on the internet) for the IP address corresponding to a domain name (such as nytimes.com) for a website you want to visit. Traditionally, most web browsers have sent their DNS queries unencrypted, which means your ISP or anyone else on the network between your computer and the DNS resolver can eavesdrop on the websites you visit. In recent years, web browsers and operating systems have begun to introduce encrypted DNS, including the DNS over HTTPS (DoH) protocol, to encrypt the DNS request from your browser and the response from the resolver to keep your browsing history from leaking. These tests check whether a browser is still protecting its DNS requests by sending them encrypted.
        
Location: Brazil
  Checks whether the browser decides to use
  encrypted DNS if the computer is located in Brazil.
              
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
Location: China
  Checks whether the browser decides to use
  encrypted DNS if the computer is located in China.
              
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
Location: Germany
  Checks whether the browser decides to use
  encrypted DNS if the computer is located in Germany.
              
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
Location: India
  Checks whether the browser decides to use
  encrypted DNS if the computer is located in India.
              
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
Location: Nigeria
  Checks whether the browser decides to use
  encrypted DNS if the computer is located in Nigeria.
              
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
Location: Russia
  Checks whether the browser decides to use
  encrypted DNS if the computer is located in Russia.
              
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
Location: United States
  Checks whether the browser decides to use
  encrypted DNS if the computer is located in United States.
              
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
OS DNS: Cloudflare
  Checks whether the browser decides to use
  encrypted DNS if the operating system's default DNS provider is Cloudflare.
              
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
OS DNS: Comodo
  Checks whether the browser decides to use
  encrypted DNS if the operating system's default DNS provider is Comodo.
              
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
OS DNS: Google
  Checks whether the browser decides to use
  encrypted DNS if the operating system's default DNS provider is Google.
              
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
OS DNS: Quad9
  Checks whether the browser decides to use
  encrypted DNS if the operating system's default DNS provider is Quad9.
              
Failed
passed: false
leak detected: true
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true
Passed
passed: true
leak detected: false
Passed
passed: true
leak detected: false
Failed
passed: false
leak detected: true