Reverse the Rules: How JENTIS Reverse Proxy helps you keep first-party cookies persistent in Safari

In today’s web environment, maintaining data integrity and ensuring smooth communication between client devices and servers is paramount. A key technology supporting this process is the reverse proxy solution, which plays a crucial role in managing web traffic and overcoming cookie management challenges introduced by Safari 16.4+. Understanding the relationship between this solution and Safari cookie limits is essential for ensuring seamless web tracking.

What is a Reverse Proxy?

A reverse proxy is a server positioned between client devices and a web server. Unlike a forward proxy, which acts on behalf of the client by forwarding its requests to the internet, a reverse proxy works on behalf of the web server. It intercepts incoming client requests and forwards them to the appropriate web server. This server then processes the request and sends the response back to the client through the reverse proxy.

The reverse proxy serves multiple functions, including load balancing, security enhancement, and improved performance. However, its role in cookie management, particularly in the context of Safari’s latest updates, is becoming increasingly critical.

Safari 16.4+ and Cookie Management Challenges

Safari version 16.4+ introduced new limitations on the lifetime of server-set first-party cookies. These limitations apply in specific scenarios and pose challenges for businesses relying on cookies for tracking and other purposes.

There are two primary cases where Safari enforces a maximum 7-day lifetime for cookies:

1. CNAME Resolution to a Third-Party Host: When the server setting the cookie is behind a CNAME that resolves, at any point, to a third-party host different from the website the user is browsing.
2. Mismatch in A/AAAA Records: When the server setting the cookie is associated with A/AAAA records that resolve to an IP address whose first two octets do not match the first two octets of the IP address of the web server hosting the website.

For example, if a user accesses tracking.example.com, and this resolves to a CNAME such as jentis.com, Safari will limit the cookie’s lifespan to 7 days. Similarly, if tracking.example.com resolves to an IP address like 222.222.2.22 while the main website runs on 111.111.1.11, the cookie will again be capped at 7 days due to the mismatch in the first two octets of the IP addresses.

How Does a Reverse Proxy Work?

Let’s break down the reverse proxy process in the context of web tracking:

Image 1 shows a user visiting a webpage, and the usual browser operations occur, including requesting the content from the web server.

As the webpage loads, a tracking code, provided by JENTIS, is requested from a specific subdomain (e.g., hash.example.com) and loaded into the browser. This step is a simple file request, with no cookies being set at this point. These steps are shown in the image below. 

As the user interacts with the webpage, tracking events are triggered. These events generate requests sent to the reverse proxy hosted at example.com/hash (number 5 in the image below). The reverse proxy receives these requests and forwards them to the JENTIS server (hash.example.com). The JENTIS server then processes these requests and sends back a response through the reverse proxy (number 6 in the image below).

Conclusion

Reverse proxies play a crucial role in modern web infrastructure, particularly in managing web traffic, enhancing security, and ensuring compliance with browser-specific requirements like those introduced by Safari 16.4+. By hosting a reverse proxy on the same server as your webpage content, you can maintain accurate tracking data without interruptions.

For businesses using JENTIS, the reverse proxy solution is an effective way to ensure that your tracking efforts remain robust and reliable despite of Safari’s ITP restrictions.