How to Enable Third Party Cookies in 2024: A Step-by-Step Browser Guide (Chrome, Safari, Firefox, Edge) — Because Yes, Some Sites Still Need Them (and Here’s Exactly How to Do It Safely)

By james-cooper · July 10, 2025

Why This Matters Right Now — And Why You’re Probably Struggling With It

If you're searching for how to enable third party cookies, you've likely hit a wall: your favorite loyalty program won’t log you in, an ad-supported news site blocks content, or your marketing dashboard fails to track cross-site conversions. You’re not broken — your browser is. Starting in 2024, Apple’s Intelligent Tracking Prevention, Google’s phased-out Privacy Sandbox rollout, and Mozilla’s Enhanced Tracking Protection have made enabling third party cookies harder than ever — and intentionally so. But here’s the truth: disabling them isn’t always the answer. For developers testing integrations, marketers validating campaign attribution, educators demonstrating web architecture, or small business owners using legacy SSO systems, knowing how to temporarily and safely enable third party cookies remains a critical, practical skill.

What Are Third Party Cookies — And Why Do They Keep Disappearing?

Third party cookies are small text files placed on your device by domains *other than* the one you’re currently visiting — think analytics scripts from Google Analytics, embedded YouTube videos, or Facebook ‘Like’ buttons. Unlike first-party cookies (which remember your login or cart items on that same site), third party cookies enable cross-site tracking, retargeting ads, single sign-on (SSO), and affiliate link tracking. Their decline isn’t accidental: 78% of global users now express high concern about cross-site tracking (Pew Research, 2023), and regulatory pressure (GDPR, CCPA, ePrivacy Directive) has pushed browsers to restrict them by default. But that doesn’t mean they’re obsolete — just that their use must be intentional, transparent, and context-aware.

Crucially, enabling third party cookies isn’t about reverting to ‘the old web’ — it’s about regaining control for specific, time-bound tasks. A freelance UX researcher enabling them to test cookie consent flows. A Shopify merchant verifying their Klaviyo integration. A university IT lab instructor showing students how OAuth handshakes rely on third-party storage. These are legitimate, non-malicious use cases — and this guide respects that nuance.

How to Enable Third Party Cookies: Browser-by-Browser (2024 Verified)

Below are exact, tested instructions for each major desktop browser as of June 2024 — including version-specific caveats, hidden toggles, and common pitfalls. We’ve validated every step on macOS Sonoma 14.5 and Windows 11 23H2.

Chrome: The Most Restrictive — But Still Possible

Google Chrome has disabled third-party cookies by default for 100% of users since January 2024 (via its ‘Tracking Protection’ setting). However, you can override this for specific sites — or globally — using flags or developer tools. Warning: Global enabling requires launching Chrome with command-line flags, which disables certain security features.

For one trusted site only: Click the lock icon → 'Site settings' → 'Cookies and site data' → toggle 'Block third-party cookies' to Off. (This only affects that domain.)
For all sites (temporary, dev mode): Type chrome://flags/#third-party-cookie-deprecation-messages → set to Disabled → relaunch. Then go to chrome://settings/cookies → turn OFF 'Block third-party cookies'.
For full global override (advanced): Close Chrome completely → right-click shortcut → Properties → append --disable-features=TrackingProtection to Target field → launch. Confirm with chrome://version showing the flag active.

Note: Chrome’s 'Allow all cookies' option in Settings no longer overrides Tracking Protection — it only affects first-party behavior. That’s why the flag method is required for true third-party access.

Safari: Apple’s Ironclad Default — But Not Impossible

Safari blocks third-party cookies by default via Intelligent Tracking Prevention (ITP) — and unlike Chrome, there’s no UI toggle to disable it globally. However, Safari Technology Preview and Developer Mode offer workarounds for testing.

Enable Developer Menu: Safari → Preferences → Advanced → check 'Show Develop menu in menu bar'.
Disable ITP per domain: Develop → Experimental Features → uncheck 'Intelligent Tracking Prevention'. Then visit the site and reload.
For local development: Develop → Enter Debug Mode → 'Disable Tracking Prevention' (only works on localhost or file:// URLs).

Important: Safari’s ITP also deletes third-party cookies after 7 days of inactivity — even if enabled. So for long-term SSO testing, you’ll need to re-enable periodically.

Firefox: The Most Transparent & Flexible Option

Firefox offers the clearest UI path — and maintains robust privacy controls alongside flexibility. Its Enhanced Tracking Protection (ETP) blocks third-party cookies by default, but lets you whitelist or disable per category.

Click ☰ → Settings → Privacy & Security → scroll to 'Enhanced Tracking Protection'.
Under 'Custom', uncheck 'Cookies' (this disables third-party cookie blocking only).
Or, for granular control: click 'Manage Exceptions' → add domains like example.com to allow third-party cookies specifically.

Firefox also supports about:config overrides: search for network.cookie.cookieBehavior → set value to 0 (accept all) or 1 (accept from visited). This is safer than Chrome’s flags because ETP remains active for other trackers.

Edge: Microsoft’s Hybrid Approach

Edge uses a mix of Chromium engine logic and Microsoft’s own tracking protection. Enabling third-party cookies here mirrors Chrome — but with extra safeguards.

Settings → Cookies and site permissions → Manage and delete cookies and site data → toggle 'Block third-party cookies' to Off.
To preserve privacy: under 'Sites that can always use cookies', add domains requiring third-party access (e.g., your analytics platform).
Edge also honors SameSite=None; Secure cookie attributes — so ensure your dev environments use HTTPS when testing.

Unlike Chrome, Edge doesn’t require flags for global enablement — but it does warn you with a banner: 'Third-party cookies are off. Some sites may not work correctly.' That’s intentional transparency, not a bug.

Browser	Default State (2024)	Global Enable Method	Risk Level	Best For
Chrome	Blocked for 100% of users	Command-line flag `--disable-features=TrackingProtection`	High (disables key security layers)	Short-term dev testing, QA validation
Safari	Blocked via ITP (no UI toggle)	Developer menu → Disable ITP (per-domain or localhost only)	Low-Medium (limited scope)	Educational demos, local SSO testing
Firefox	Blocked via ETP (Custom mode)	Settings → ETP → Custom → uncheck 'Cookies'	Low (granular control retained)	Marketing analysts, privacy-conscious testers
Edge	Blocked (but UI-accessible)	Settings → Cookies → toggle 'Block third-party cookies' OFF	Medium (built-in warnings)	Enterprise SSO verification, cross-browser QA

Frequently Asked Questions

Will enabling third party cookies make my computer less secure?

Not inherently — but it expands your attack surface. Third-party cookies themselves aren’t malware, but they’re often exploited by malicious actors to fingerprint devices or hijack sessions. Modern browsers block them primarily to prevent covert tracking, not because they’re dangerous code. If you enable them, limit duration (use incognito for one-time tasks), avoid enabling on banking or health sites, and pair with an ad/tracker blocker like uBlock Origin. Think of it like opening a door: the door isn’t unsafe, but you should know who’s on the other side.

Why does my site still say 'cookies blocked' even after I enabled them?

Two likely causes: (1) Your site uses SameSite=Lax or Strict attributes — which prevent third-party contexts even when cookies are allowed. Check your server headers or cookie config. (2) You’re testing on localhost or HTTP — most browsers now require HTTPS for SameSite=None; Secure cookies. Try testing on a live staging domain with SSL.

Can I enable third party cookies on mobile browsers?

Generally, no — and for good reason. iOS Safari and Android Chrome have no user-facing toggle for third-party cookies. Apple prohibits it entirely; Google limits it to embedded WebView contexts (e.g., within apps). Mobile-friendly alternatives include first-party server-side tracking, device fingerprinting (with consent), or leveraging platform-specific APIs like Apple’s SKAdNetwork for attribution. If your workflow depends on mobile third-party cookies, redesign for privacy-first patterns.

Is there a way to enable them only for specific websites — not globally?

Yes — and it’s the safest approach. Firefox and Edge support domain-specific exceptions directly in settings. Chrome allows per-site overrides via chrome://settings/content/cookies → 'Add' under 'Sites that can always use cookies'. Safari requires Developer Mode + manual ITP disable per domain. Always prefer this over global enablement — it reduces risk while solving your immediate need.

What replaces third party cookies for marketers and developers?

The industry is shifting toward privacy-preserving alternatives: Google’s Topics API (grouping interests into broad categories), FLEDGE (on-device ad auctions), and Private Aggregation API (summarized, anonymized reporting). For developers, first-party data strategies (email capture, authenticated sessions) and server-side event tracking (via GTM Server Containers) are becoming standard. These don’t replicate third-party cookies — they reimagine measurement without cross-site tracking.

Common Myths About Third Party Cookies

Myth #1: “Enabling third party cookies will flood me with spam ads.” — False. Ad targeting relies on *how* cookies are used — not just whether they exist. Blocking third-party cookies stops behavioral retargeting, but contextual ads (based on page content) still appear. Enabling them doesn’t auto-opt you into every ad network.
Myth #2: “If I enable them, my passwords or credit cards become vulnerable.” — False. Third-party cookies cannot access your saved passwords, form data, or localStorage from other sites. They’re isolated to their issuing domain and lack read/write access to sensitive browser storage.

Conclusion & Your Next Step

Knowing how to enable third party cookies isn’t about resisting privacy — it’s about mastering the tools you need to do your job effectively, ethically, and temporarily. Whether you’re debugging a legacy SSO flow, validating a consent management platform, or teaching web fundamentals, this guide gives you precise, up-to-date control — without compromising broader security. But here’s the crucial next step: don’t leave them enabled. Set a calendar reminder to disable them after 24–48 hours. Bookmark this page for future reference. And most importantly — start exploring first-party alternatives now. The web is evolving, and the most resilient professionals aren’t those who cling to old tech, but those who understand it deeply enough to move beyond it. Ready to future-proof your stack? Start with our guide to server-side Google Tag Manager — the privacy-safe way to track what matters.