Full Answer

Safari's tracker detection operates on two parallel systems that together create a dynamic, continuously adapting defence against cross-site tracking — and understanding both matters for anyone managing a WooCommerce tracking stack.

The machine learning classifier runs locally on the user's device, analysing domain behaviour patterns without sending browsing data to Apple. It evaluates several signals simultaneously: how many distinct first-party sites load resources from a given domain, whether the domain sets identifiers in cross-site contexts, whether it participates in redirect chains that pass user identifiers between domains, and whether it attempts browser fingerprinting through canvas, WebGL, or font enumeration APIs.

When the classifier flags a domain, Safari applies a graduated set of restrictions. Third-party cookies from that domain are blocked entirely. Storage access is partitioned so the domain cannot correlate a user's identity across different first-party sites. If a user arrives via a link decorated with parameters from that domain, JavaScript-set cookies are capped at 24 hours instead of the standard 7-day limit.

The maintained blocklist supplements the classifier with known tracking domains, shipping with macOS and iOS updates. But the real power lies in the machine learning layer, which can flag new tracking behaviour without requiring a blocklist update. Server-side measurement avoids this classification entirely because the data transmission happens from your first-party server, not from a third-party domain loaded in the browser.