Googleusercontent.com can trip you up, if you disable third-party cookies

Technology, Usability

Most browsers allow third-party cookies, by default. And, most of the time, these cookies are used by advertising networks to track users as they move across different websites.

Some folks take the trouble of disabling third-party cookies, which can be done using your browser’s “Preferences” settings: the actual mechanism varies based upon which browser you are using.

If you do turn off third-party cookies, you may find that images that you upload to your Kerika pages do not appear correctly. That’s because all files that you upload to your Kerika pages are stored in your own Google account, so when you are viewing a Kerika project page, some of that content is coming from your Google Docs account.

Recently, Google has started storing images in a new domain, called googleusercontent.com. This domain is used for a variety of purposes, including cached copies of websites visited by the Google search engine, but the general purpose of this domain appears to be to store static content: i.e. content that is not expected to change.

So, if you have turned off third-party cookies in your browser, you may find that images are not shown when you visit your Kerika page. And, the whole process may be something of a mystery to you, although our latest version includes a new warning message when we detect that this problem might exist.

It’s easiest to spot this problem if you are using the Google Chrome browser because that shows you, at the far right end of the address bar, that there is a potential problem with cookies on the page you are currently viewing. Here’s an example:

Cookie warning from Google Chrome
Cookie warning from Google Chrome

The address bar shows a broken cookie image, and when you click on that cookie image you get a dialog box that tells your page is having problems with cookies. When you see this, click on the “Show cookies and other site data…” button

Click on this button

And this will then show you details of the cookies that are being allowed, and the ones that are being blocked:

Blocked cookies
Blocked cookies

You need to allow cookies from googleusercontent.com in order for your images to show up correctly on your Kerika pages.

Unblocking individual cookies
Unblocking individual cookies

However, the problem with googleusercontent.com may not end here: when you enable cookies from somewhere.googleusercontent.com, you are only permitting cookies from that particular sub-domain! In the example above, we are allowing cookies from doc-0k-0c-docs.googleusercontent.com.

Allowing cookies from somewhere.googleusercontent.com doesn’t mean that you have also allowed cookies from somewhere-else.googleusercontent.com: in other words, allowing cookies from one sub-domain of googleusercontent.com doesn’t automatically mean you are allowing cookies from all other sub-domains of googleusercontent.com.

And this can cause repeated problems when you are using Kerika, because when you upload images to your Kerika page, Google may place these on entirely different sub-domains of googleusercontent.com. We have no control over which sub-domain Google chooses at any point, so you could have one page show images correctly – after you have permitted cookies from that sub-domain – and another sub-domain get blocked when you navigate to another Kerika page, even a page that’s part of the same Kerika project.

It’s a tricky problem, and the solution doesn’t lie in our hands since it is entirely up to Google as to where they choose to store your documents within the hundreds of domains and the thousands of sub-domains that they control. The easiest bet, of course, is to allow third-party cookies – which you may already be doing, unless you have changed your browser defaults – but if that’s not acceptable to you, you might want to look at using the Chrome browser and watching out for that broken cookie image in your address bar.

UPDATED NOV 11, 2016:

A reader, Carey Dessaix from Australia, offers a better solution to just allowing all third-party cookies:

Adding “[*.]googleusercontent.com” is a solution.

Just go to Chrome settings > Advanced Settings > Privacy > Content settings.

Click “Manage exceptions” and add the following as allowed which will allow allow subdomains including the actual domain as well.

[*.]googleusercontent.com

(Thanks, Carey!)