>Forcing websites to explicitly mark cross-site cookies, or they get blocked for cross-site usage.
Why does anyone even allow third-party cookies anymore? I've had them disabled for years at this point, and I can count on one hand the number of times it's been noticeable, and I think there was only a single time I actually found it worthwhile to enable third party cookies to access the site.
Just a piece of anecdata: a (large) bank we work for struggles with this all the time. Because of historical/branding reasons, they use several different domains. The services used to be quite independent, so everything used to work fine. Because of PSD2 APIs and other developments, they moved on to a central (SSO) authentication page, used from all services on various domains (needing the common authentication cookie). Since then, we fight with the various privacy protections, people blocking third-party cookies, etc. (I'm not saying it's technically impossible to solve, or even saying it's wrong to block third-party cookies. Just... we'll have a lot of work to do, as everyone moves in that direction.)
Why does anyone even allow third-party cookies anymore? I've had them disabled for years at this point, and I can count on one hand the number of times it's been noticeable, and I think there was only a single time I actually found it worthwhile to enable third party cookies to access the site.