In order for the Intelligent Tracking Prevention (ITP) fix to work you need to install an endpoint on your server that the Symplify script can communicate with. This endpoint will read the cookies from the requests from the Symplify script and then re-set the cookies as first-party cookies. This will make them pass the ITP control.
The following example code is for PHP.
<?php
declare( strict_types=1 );
// Check you browser and look in Application -> Cookies -> YourDomain.com.
// Enter the same domain as presented in the Domain column.
$yourApexDomain = 'symplify.com';
$timeToSaveTheCookie = time() + 3600 * 24 * 10 * 365;
/**
* DO NOT EDIT BENEATH THIS LINE
*/
if($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type');
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Max-Age: 86400');
header('Content-Length: 0');
header('Content-Type: text/plain');
exit(0);
}
if($_SERVER['REQUEST_METHOD'] !== 'POST') {
header('Allow: POST, OPTIONS');
header('HTTP/1.1 405 Method Not Allowed');
header('Content-Type: text/plain');
exit(0);
}
function setSGCookies(
string $cookieKey,
string $cookieValue,
int $timeToSaveTheCookie,
string $yourApexDomain
): bool
{
return setcookie(
$cookieKey,
$cookieValue,
$timeToSaveTheCookie,
"/",
".$yourApexDomain",
true
);
}
header('Access-Control-Allow-Credentials:true');
header('Access-Control-Allow-Methods: POST, OPTIONS');
header('Content-Type: application/json');
if (array_key_exists('HTTP_ORIGIN', $_SERVER)) {
header('Access-Control-Allow-Origin: ' . $_SERVER["HTTP_ORIGIN"]);
} else {
header('Access-Control-Allow-Origin:*');
}
if(!empty($_COOKIE)){
foreach ($_COOKIE as $cookieKey => $cookieValue) {
if(str_starts_with($cookieKey, 'sg_')) {
setSGCookies($cookieKey, $cookieValue, $timeToSaveTheCookie, $yourApexDomain);
}
}
exit(0);
}
exit(1);