2.9.1 Ensure 'Enable First-Party Sets' Is Disabled

Information

This policy controls access to the First-Party Sets. First-party Sets are a way for sites to declare relationships with each other and enable limited cross-site cookie access for specific, user-facing purposes. It can configured to either:

Disabled (0): Disable First-Party Sets for all affected users

Enabled (1): Enable First-Party Sets for all affected users

Rationale:

Setting this policy will not allow sites to declare the relationships that allow them to access the cross-site cookies.

Impact:

This may cause unexpected behavior as a user moves between affiliated sites.

Solution

To establish the recommended configuration via GP, set the following UI path to Disabled:

Computer Configuration\Policies\Administrative Templates\Google\Google Chrome\Content settings\Enable Firty-Party Sets

Default Value:

Enabled

See Also

https://workbench.cisecurity.org/benchmarks/8691

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-4

Plugin: Windows

Control ID: 4932e4cd420128f31da84a40cacd859842493060f172a46f34ed137f97cc324e