{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,7,4]],"date-time":"2025-07-04T05:18:43Z","timestamp":1751606323188,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":60,"publisher":"ACM","license":[{"start":{"date-parts":[[2022,12,5]],"date-time":"2022-12-05T00:00:00Z","timestamp":1670198400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"European Union?s Horizon 2020","award":["101019206"],"award-info":[{"award-number":["101019206"]}]},{"name":"DFG","award":["EXC 2092 CASA - 390781972"],"award-info":[{"award-number":["EXC 2092 CASA - 390781972"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2022,12,5]]},"DOI":"10.1145\/3564625.3564647","type":"proceedings-article","created":{"date-parts":[[2022,12,3]],"date-time":"2022-12-03T01:01:29Z","timestamp":1670029289000},"page":"911-922","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Accept All Exploits: Exploring the Security Impact of Cookie Banners"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8468-8516","authenticated-orcid":false,"given":"David","family":"Klein","sequence":"first","affiliation":[{"name":"Technische Universit\u00e4t Braunschweig, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6894-1008","authenticated-orcid":false,"given":"Marius","family":"Musch","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Braunschweig, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1538-5033","authenticated-orcid":false,"given":"Thomas","family":"Barber","sequence":"additional","affiliation":[{"name":"SAP Security Research, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0625-2204","authenticated-orcid":false,"given":"Moritz","family":"Kopmann","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Braunschweig, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2574-5060","authenticated-orcid":false,"given":"Martin","family":"Johns","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Braunschweig, Germany"}]}],"member":"320","published-online":{"date-parts":[[2022,12,5]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"crossref","unstructured":"Pieter Agten Steven Van\u00a0Acker Yoran Brondsema Phu\u00a0H Phung Lieven Desmet and Frank Piessens. 2012. JSand: complete client-side sandboxing of third-party JavaScript without browser modifications. In ACSAC.  Pieter Agten Steven Van\u00a0Acker Yoran Brondsema Phu\u00a0H Phung Lieven Desmet and Frank Piessens. 2012. JSand: complete client-side sandboxing of third-party JavaScript without browser modifications. In ACSAC.","DOI":"10.1145\/2420950.2420952"},{"key":"e_1_3_2_1_2_1","volume-title":"Concerning: Complaint relating to Transparency & Consent Framework. https:\/\/www.autoriteprotectiondonnees.be\/publications\/decision-quant-au-fond-n-21-2022-english.pdf. Accessed 27.06.2022.","author":"Data\u00a0Protection Authority Belgian","year":"2022","unstructured":"Belgian Data\u00a0Protection Authority . 2022 . Concerning: Complaint relating to Transparency & Consent Framework. https:\/\/www.autoriteprotectiondonnees.be\/publications\/decision-quant-au-fond-n-21-2022-english.pdf. Accessed 27.06.2022. Belgian Data\u00a0Protection Authority. 2022. Concerning: Complaint relating to Transparency & Consent Framework. https:\/\/www.autoriteprotectiondonnees.be\/publications\/decision-quant-au-fond-n-21-2022-english.pdf. Accessed 27.06.2022."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3447852.3458718"},{"key":"e_1_3_2_1_4_1","volume-title":"\u2019It\u2019s Bad Design On Purpose","author":"Ferrari Bianca","year":"2022","unstructured":"Bianca Ferrari . 2021. \u2019It\u2019s Bad Design On Purpose \u2019 \u2013 Why Website Cookie Banners Look Like That. Online https:\/\/www.vice.com\/en\/article\/m7epda\/its-bad-design-on-purpose-why-website-cookie-banners-look-like-that. Accessed 27.06. 2022 . Bianca Ferrari. 2021. \u2019It\u2019s Bad Design On Purpose\u2019 \u2013 Why Website Cookie Banners Look Like That. Online https:\/\/www.vice.com\/en\/article\/m7epda\/its-bad-design-on-purpose-why-website-cookie-banners-look-like-that. Accessed 27.06.2022."},{"key":"e_1_3_2_1_5_1","volume-title":"31st USENIX Security Symposium (USENIX Security 22)","author":"Bollinger Dino","year":"2022","unstructured":"Dino Bollinger , Karel Kubicek , Carlos Cotrini , and David Basin . 2022 . Automating cookie consent and GDPR violation detection . In 31st USENIX Security Symposium (USENIX Security 22) . USENIX Association. Dino Bollinger, Karel Kubicek, Carlos Cotrini, and David Basin. 2022. Automating cookie consent and GDPR violation detection. In 31st USENIX Security Symposium (USENIX Security 22). USENIX Association."},{"key":"e_1_3_2_1_6_1","unstructured":"Cert\/CC. 2000. CERT Advisory CA-2000-02 Malicious HTML Tags Embedded in Client Web Requests.https:\/\/resources.sei.cmu.edu\/library\/asset-view.cfm?assetID=496186. Accessed 09.04.2021.  Cert\/CC. 2000. CERT Advisory CA-2000-02 Malicious HTML Tags Embedded in Client Web Requests.https:\/\/resources.sei.cmu.edu\/library\/asset-view.cfm?assetID=496186. Accessed 09.04.2021."},{"key":"e_1_3_2_1_7_1","unstructured":"Council and Parliament of European Union. 2016. Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95\/46\/EC (General Data Protection Regulation). https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX:02016R0679-20160504.  Council and Parliament of European Union. 2016. Regulation (EU) 2016\/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95\/46\/EC (General Data Protection Regulation). https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX:02016R0679-20160504."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00287-019-01201-1"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/3485447.3512214"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00022"},{"key":"e_1_3_2_1_11_1","unstructured":"IAB Europe. 2021. What Is The Transparency & Consent Framework (TCF)?https:\/\/iabeurope.eu\/transparency-consent-framework\/.  IAB Europe. 2021. What Is The Transparency & Consent Framework (TCF)?https:\/\/iabeurope.eu\/transparency-consent-framework\/."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/3419394.3423647"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/3308558.3313521"},{"key":"e_1_3_2_1_14_1","volume-title":"Treehouse: Javascript Sandboxes to Help Web Developers Help Themselves.. In USENIX ATC.","author":"Ingram Lon","year":"2012","unstructured":"Lon Ingram and Michael Walfish . 2012 . Treehouse: Javascript Sandboxes to Help Web Developers Help Themselves.. In USENIX ATC. Lon Ingram and Michael Walfish. 2012. Treehouse: Javascript Sandboxes to Help Web Developers Help Themselves.. In USENIX ATC."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"crossref","unstructured":"Trevor Jim Nikhil Swamy and Michael Hicks. 2007. Defeating script injection attacks with browser-enforced embedded policies. In WWW.  Trevor Jim Nikhil Swamy and Michael Hicks. 2007. Defeating script injection attacks with browser-enforced embedded policies. In WWW.","DOI":"10.1145\/1242572.1242654"},{"key":"e_1_3_2_1_16_1","unstructured":"Bobbie Johnson. 2012. What you need to know about the EU Cookie Law. https:\/\/gigaom.com\/2012\/05\/25\/cookie-law-explainer\/.  Bobbie Johnson. 2012. What you need to know about the EU Cookie Law. https:\/\/gigaom.com\/2012\/05\/25\/cookie-law-explainer\/."},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"crossref","unstructured":"Hugo Jonker Stefan Karsch Benjamin Krumnow and Marc Sleegers. 2020. Shepherd: a generic approach toautomating website login?  Hugo Jonker Stefan Karsch Benjamin Krumnow and Marc Sleegers. 2020. Shepherd: a generic approach toautomating website login?","DOI":"10.14722\/madweb.2020.23008"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"crossref","unstructured":"Zifeng Kang Song Li and Yinzhi Cao. 2022. Probe the Proto: Measuring Client-Side Prototype Pollution Vulnerabilities of One Million Real-world Websites. (2022).  Zifeng Kang Song Li and Yinzhi Cao. 2022. Probe the Proto: Measuring Client-Side Prototype Pollution Vulnerabilities of One Million Real-world Websites. (2022).","DOI":"10.14722\/ndss.2022.24308"},{"key":"e_1_3_2_1_19_1","unstructured":"Daniel Kladnik. 2020. I DON\u2019T CARE ABOUT COOKIES 3.2.4. https:\/\/www.i-dont-care-about-cookies.eu\/.  Daniel Kladnik. 2020. I DON\u2019T CARE ABOUT COOKIES 3.2.4. https:\/\/www.i-dont-care-about-cookies.eu\/."},{"key":"e_1_3_2_1_20_1","volume-title":"DOM Based Cross Site Scripting or XSS of the Third Kind","author":"Klein Amit","year":"2005","unstructured":"Amit Klein . 2005. DOM Based Cross Site Scripting or XSS of the Third Kind . Web Application Security Consortium , Articles ( 2005 ). Amit Klein. 2005. DOM Based Cross Site Scripting or XSS of the Third Kind. Web Application Security Consortium, Articles (2005)."},{"key":"e_1_3_2_1_21_1","volume-title":"Hand Sanitizers in the Wild: A Large-scale Study of Custom JavaScript Sanitizer Functions. In 2022 IEEE European Symposium on Security and Privacy (EuroS&P). 236\u2013250","author":"Klein David","year":"2022","unstructured":"David Klein , Thomas Barber , Souphiane Bensalim , Ben Stock , and Martin Johns . 2022 . Hand Sanitizers in the Wild: A Large-scale Study of Custom JavaScript Sanitizer Functions. In 2022 IEEE European Symposium on Security and Privacy (EuroS&P). 236\u2013250 . David Klein, Thomas Barber, Souphiane Bensalim, Ben Stock, and Martin Johns. 2022. Hand Sanitizers in the Wild: A Large-scale Study of Custom JavaScript Sanitizer Functions. In 2022 IEEE European Symposium on Security and Privacy (EuroS&P). 236\u2013250."},{"key":"e_1_3_2_1_22_1","unstructured":"Rolf Bagge Janus\u00a0Bager Kristensen. 2019. Consent-O-Matic. Online https:\/\/github.com\/cavi-au\/Consent-O-Matic. Accessed 27.06.2022.  Rolf Bagge Janus\u00a0Bager Kristensen. 2019. Consent-O-Matic. Online https:\/\/github.com\/cavi-au\/Consent-O-Matic. Accessed 27.06.2022."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23414"},{"key":"e_1_3_2_1_24_1","volume-title":"Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation.. In NDSS.","author":"Pochat Victor Le","year":"2019","unstructured":"Victor Le Pochat , Tom van Goethem , Samaneh Tajalizadehkhoob , Maciej Korczynski , and Wouter Joosen . 2019 . Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation.. In NDSS. Victor Le Pochat, Tom van Goethem, Samaneh Tajalizadehkhoob, Maciej Korczynski, and Wouter Joosen. 2019. Tranco: A Research-Oriented Top Sites Ranking Hardened Against Manipulation.. In NDSS."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"crossref","unstructured":"Sebastian Lekies Ben Stock and Martin Johns. 2013. 25 Million Flows Later: Large-scale Detection of DOM-based XSS.. In ACM CCS.  Sebastian Lekies Ben Stock and Martin Johns. 2013. 25 Million Flows Later: Large-scale Detection of DOM-based XSS.. In ACM CCS.","DOI":"10.1145\/2508859.2516703"},{"key":"e_1_3_2_1_26_1","unstructured":"Sam Macbeth. 2020. Cliqz Autoconsent. Online https:\/\/github.com\/ghostery\/autoconsent. Accessed 27.06.2022.  Sam Macbeth. 2020. Cliqz Autoconsent. Online https:\/\/github.com\/ghostery\/autoconsent. Accessed 27.06.2022."},{"key":"e_1_3_2_1_27_1","unstructured":"Matt Burgess. 2021. How to bypass and block infuriating cookie popups. Online https:\/\/www.wired.co.uk\/article\/cookie-popup-blocker-gdpr. Accessed 27.06.2022.  Matt Burgess. 2021. How to bypass and block infuriating cookie popups. Online https:\/\/www.wired.co.uk\/article\/cookie-popup-blocker-gdpr. Accessed 27.06.2022."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40000.2020.00076"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"crossref","unstructured":"William Melicher Anupam Das Mahmood Sharif Lujo Bauer and Limin Jia. 2018. Riding out DOMsday: Towards Detecting and Preventing DOM Cross-Site Scripting.. In NDSS.  William Melicher Anupam Das Mahmood Sharif Lujo Bauer and Limin Jia. 2018. Riding out DOMsday: Towards Detecting and Preventing DOM Cross-Site Scripting.. In NDSS.","DOI":"10.14722\/ndss.2018.23309"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"crossref","unstructured":"Leo\u00a0A Meyerovich and Benjamin Livshits. 2010. ConScript: Specifying and enforcing fine-grained security policies for Javascript in the browser. In Oakland.  Leo\u00a0A Meyerovich and Benjamin Livshits. 2010. ConScript: Specifying and enforcing fine-grained security policies for Javascript in the browser. In Oakland.","DOI":"10.1109\/SP.2010.36"},{"key":"e_1_3_2_1_31_1","volume-title":"Safe active content in sanitized JavaScript. Google","author":"Miller S","year":"2008","unstructured":"Mark\u00a0 S Miller , Mike Samuel , Ben Laurie , Ihab Awad , and Mike Stay . 2008. Safe active content in sanitized JavaScript. Google , Inc., Tech. Rep( 2008 ). Mark\u00a0S Miller, Mike Samuel, Ben Laurie, Ihab Awad, and Mike Stay. 2008. Safe active content in sanitized JavaScript. Google, Inc., Tech. Rep(2008)."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329841"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382274"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/3313831.3376321"},{"key":"e_1_3_2_1_35_1","first-page":"09","article-title":"OWASP Top 10 \u2013 2013 \u2013 The Ten Most Critical Web Application Security Risks. https:\/\/owasp.org\/www-pdf-archive\/OWASP_Top_10_-_2013.pdf","volume":"16","author":"OWASP Foundation Inc.","year":"2013","unstructured":"OWASP Foundation Inc. 2013 . OWASP Top 10 \u2013 2013 \u2013 The Ten Most Critical Web Application Security Risks. https:\/\/owasp.org\/www-pdf-archive\/OWASP_Top_10_-_2013.pdf . Accessed : 16 . 09 .2021. OWASP Foundation Inc. 2013. OWASP Top 10 \u2013 2013 \u2013 The Ten Most Critical Web Application Security Risks. https:\/\/owasp.org\/www-pdf-archive\/OWASP_Top_10_-_2013.pdf. Accessed: 16.09.2021.","journal-title":"Accessed"},{"key":"e_1_3_2_1_36_1","first-page":"07","article-title":"OWASP Top 10 \u2013 2017 \u2013 The Ten Most Critical Web Application Security Risks. https:\/\/www.owasp.org\/index.php\/Category:OWASP_Top_Ten_Project","volume":"23","author":"OWASP Foundation Inc.","year":"2017","unstructured":"OWASP Foundation Inc. 2017 . OWASP Top 10 \u2013 2017 \u2013 The Ten Most Critical Web Application Security Risks. https:\/\/www.owasp.org\/index.php\/Category:OWASP_Top_Ten_Project . Accessed : 23 . 07 .2021. OWASP Foundation Inc. 2017. OWASP Top 10 \u2013 2017 \u2013 The Ten Most Critical Web Application Security Risks. https:\/\/www.owasp.org\/index.php\/Category:OWASP_Top_Ten_Project. Accessed: 23.07.2021.","journal-title":"Accessed"},{"key":"e_1_3_2_1_37_1","first-page":"09","article-title":"OWASP Top 10 \u2013 2021. https:\/\/owasp.org\/Top10\/","volume":"16","author":"OWASP Foundation Inc.","year":"2021","unstructured":"OWASP Foundation Inc. 2021 . OWASP Top 10 \u2013 2021. https:\/\/owasp.org\/Top10\/ . Accessed : 16 . 09 .2021. OWASP Foundation Inc. 2021. OWASP Top 10 \u2013 2021. https:\/\/owasp.org\/Top10\/. Accessed: 16.09.2021.","journal-title":"Accessed"},{"key":"e_1_3_2_1_38_1","unstructured":"European Parliament and the Council. 2002. Directive 2002\/22\/EC of the European Parliament and of the Council. https:\/\/eur-lex.europa.eu\/legal-content\/en\/TXT\/?uri=CELEX:32002L0022.  European Parliament and the Council. 2002. Directive 2002\/22\/EC of the European Parliament and of the Council. https:\/\/eur-lex.europa.eu\/legal-content\/en\/TXT\/?uri=CELEX:32002L0022."},{"key":"e_1_3_2_1_39_1","unstructured":"European Parliament and the Council. 2002. Directive 2002\/58\/EC of the European Parliament and of the Council. https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX:32002L0058.  European Parliament and the Council. 2002. Directive 2002\/58\/EC of the European Parliament and of the Council. https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX:32002L0058."},{"key":"e_1_3_2_1_40_1","unstructured":"European Parliament and the Council. 2002. Directive 2009\/136\/EC of the European Parliament and of the Council. https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX:32009L0136.  European Parliament and the Council. 2002. Directive 2009\/136\/EC of the European Parliament and of the Council. https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/?uri=CELEX:32009L0136."},{"key":"e_1_3_2_1_41_1","unstructured":"Privacy International. 2019. Most cookie banners are annoying and deceptive. This is not consent.Online https:\/\/privacyinternational.org\/explainer\/2975\/most-cookie-banners-are-annoying-and-deceptive-not-consent. Accessed 27.06.2022.  Privacy International. 2019. Most cookie banners are annoying and deceptive. This is not consent.Online https:\/\/privacyinternational.org\/explainer\/2975\/most-cookie-banners-are-annoying-and-deceptive-not-consent. Accessed 27.06.2022."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1145\/3321705.3329806"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.9796062"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.26116\/techreg.2020.009"},{"volume-title":"Privacy Technologies and Policy","author":"Santos Cristiana","key":"e_1_3_2_1_45_1","unstructured":"Cristiana Santos , Midas Nouwens , Michael Toth , Nataliia Bielova , and Vincent Roca . 2021. Consent Management Platforms Under the GDPR: Processors and\/or Controllers? . In Privacy Technologies and Policy . Springer International Publishing , 47\u201369. Cristiana Santos, Midas Nouwens, Michael Toth, Nataliia Bielova, and Vincent Roca. 2021. Consent Management Platforms Under the GDPR: Processors and\/or Controllers?. In Privacy Technologies and Policy. Springer International Publishing, 47\u201369."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133966"},{"key":"e_1_3_2_1_47_1","unstructured":"Sooel Son and Vitaly Shmatikov. 2013. The Postman Always Rings Twice: Attacking and Defending postMessage in HTML5 Websites.. In NDSS. https:\/\/doi.org\/ndss2013\/postman-always-rings-twice-attacking-and-defending-postmessage-html5-websites  Sooel Son and Vitaly Shmatikov. 2013. The Postman Always Rings Twice: Attacking and Defending postMessage in HTML5 Websites.. In NDSS. https:\/\/doi.org\/ndss2013\/postman-always-rings-twice-attacking-and-defending-postmessage-html5-websites"},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.1109\/EuroSP53844.2022.00021"},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"crossref","unstructured":"Marius Steffens Marius Musch Martin Johns and Ben Stock. 2021. Who\u2019s hosting the block party? studying third-party blockage of csp and sri. In NDSS.  Marius Steffens Marius Musch Martin Johns and Ben Stock. 2021. Who\u2019s hosting the block party? studying third-party blockage of csp and sri. In NDSS.","DOI":"10.14722\/ndss.2021.24028"},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"crossref","unstructured":"Marius Steffens Christian Rossow Martin Johns and Ben Stock. 2019. Don\u2019t Trust The Locals: Investigating the Prevalence of Persistent Client-Side Cross-Site Scripting in the Wild.. In NDSS. https:\/\/doi.org\/ndss-paper\/dont-trust-the-locals-investigating-the-prevalence-of-persistent-client-side-cross-site-scripting-in-the-wild\/  Marius Steffens Christian Rossow Martin Johns and Ben Stock. 2019. Don\u2019t Trust The Locals: Investigating the Prevalence of Persistent Client-Side Cross-Site Scripting in the Wild.. In NDSS. https:\/\/doi.org\/ndss-paper\/dont-trust-the-locals-investigating-the-prevalence-of-persistent-client-side-cross-site-scripting-in-the-wild\/","DOI":"10.14722\/ndss.2019.23009"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/3372297.3417267"},{"key":"e_1_3_2_1_52_1","volume-title":"USENIX Security Symposium.","author":"Stock Ben","year":"2017","unstructured":"Ben Stock , Martin Johns , Marius Steffens , and Michael Backes . 2017 . How the Web Tangled Itself: Uncovering the History of Client-Side Web (In)Security .. In USENIX Security Symposium. Ben Stock, Martin Johns, Marius Steffens, and Michael Backes. 2017. How the Web Tangled Itself: Uncovering the History of Client-Side Web (In)Security.. In USENIX Security Symposium."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813625"},{"key":"e_1_3_2_1_54_1","unstructured":"Mike Ter\u00a0Louw Karthik\u00a0Thotta Ganesh and VN Venkatakrishnan. 2010. AdJail: Practical Enforcement of Confidentiality and Integrity Policies on Web Advertisements.. In USENIX Security.  Mike Ter\u00a0Louw Karthik\u00a0Thotta Ganesh and VN Venkatakrishnan. 2010. AdJail: Practical Enforcement of Confidentiality and Integrity Policies on Web Advertisements.. In USENIX Security."},{"key":"e_1_3_2_1_55_1","doi-asserted-by":"publisher","DOI":"10.56553\/popets-2022-0082"},{"key":"e_1_3_2_1_56_1","unstructured":"UniConsent. 2022. Google Ad Manager Integration. Online https:\/\/www.uniconsent.com\/docs\/tutorials\/gam-integration.  UniConsent. 2022. Google Ad Manager Integration. Online https:\/\/www.uniconsent.com\/docs\/tutorials\/gam-integration."},{"key":"e_1_3_2_1_57_1","unstructured":"UniConsent. 2022. Google global site tag Integration. Online https:\/\/www.uniconsent.com\/docs\/tutorials\/gtag-integration.  UniConsent. 2022. Google global site tag Integration. Online https:\/\/www.uniconsent.com\/docs\/tutorials\/gtag-integration."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"crossref","unstructured":"Steven Van\u00a0Acker Philippe De\u00a0Ryck Lieven Desmet Frank Piessens and Wouter Joosen. 2011. WebJail: least-privilege integration of third-party components in web mashups. In ACSAC.  Steven Van\u00a0Acker Philippe De\u00a0Ryck Lieven Desmet Frank Piessens and Wouter Joosen. 2011. WebJail: least-privilege integration of third-party components in web mashups. In ACSAC.","DOI":"10.1145\/2076732.2076775"},{"key":"e_1_3_2_1_59_1","unstructured":"W3C Privacy Community Group. 2021. First-Party Sets. Online https:\/\/github.com\/privacycg\/first-party-sets.  W3C Privacy Community Group. 2021. First-Party Sets. Online https:\/\/github.com\/privacycg\/first-party-sets."},{"key":"e_1_3_2_1_60_1","unstructured":"WIRED. 1999. Sun on Privacy: \u2019Get Over It\u2019. https:\/\/www.wired.com\/1999\/01\/sun-on-privacy-get-over-it\/. Accessed 17.06.2022.  WIRED. 1999. Sun on Privacy: \u2019Get Over It\u2019. https:\/\/www.wired.com\/1999\/01\/sun-on-privacy-get-over-it\/. Accessed 17.06.2022."}],"event":{"name":"ACSAC: Annual Computer Security Applications Conference","acronym":"ACSAC","location":"Austin TX USA"},"container-title":["Proceedings of the 38th Annual Computer Security Applications Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3564625.3564647","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3564625.3564647","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:09:12Z","timestamp":1750183752000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3564625.3564647"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,12,5]]},"references-count":60,"alternative-id":["10.1145\/3564625.3564647","10.1145\/3564625"],"URL":"https:\/\/doi.org\/10.1145\/3564625.3564647","relation":{},"subject":[],"published":{"date-parts":[[2022,12,5]]},"assertion":[{"value":"2022-12-05","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}