Safari and iOS ITP 2.1. Its effects on testing and what you can do about them.

Issue Description

As of March 25th, Apple released iOS 12.2 and Safari 12.1 on macOS High Sierra and Mojave. This includes ITP 2.1 (Intelligent Tracking Prevention), which enforces new rules that prevent certain tracking functions in the above-mentioned browsers.

In relation to Convert Experiences, it means that browser-issued cookies now have an enforced duration of seven days. Convert cookies are written exclusively by the browser, so current Convert cookies will be deleted after this seven day period.

In experiment terms, it means that visitors that have been previously bucketed into an experiment will be counted again if they return after seven days. Also, if they convert again after the 7 day period, the new conversion will be counted in the experiment. The default behavior is that Convert counts only the first conversion.

This could affect your experiment results substantially, as the usage of the affected browsers can be large in certain markets like the United States.



As mentioned above, the new cookie duration restrictions are on browser-created cookies and not server-issued cookies. Convert's solution is to issue the cookie that tracks experience data directly from the customer's web server. In this way, the convert script won't have the restrictions imposed by ITP 2.1 on the browser-side.

To facilitate this, we are making available some code snippets to integrate on our customers' web server infrastructure. These code snippets are available for the following platforms: PHP, Node JS HTTP Module, Node JS Express, Ruby and Python.

PHP Code


$currentTime = time();
$convertCookieName = "_conv_v";

$yourTopDomain = "";

$defaultCookieData = "vi:1*sc:0*cs:$currentTime*fs:$currentTime*pv:0";

if(isset($_COOKIE[$convertCookieName])) $cookieData = $_COOKIE[$convertCookieName];

else $cookieData = $defaultCookieData;

//set the cookie

setcookie($convertCookieName,$cookieData, $currentTime + 15768000, "/", $yourTopDomain);


Node JS HTTP Module Code

Requires cookie module.

  var currentTime = Math.floor(;
    var convertCookieName = "_conv_v";
  var yourTopDomain = "";
    var defaultCookieData = "vi:1*sc:0*cs:"+currentTime+"*fs:"+currentTime+"*pv:0";

    var cookieData = defaultCookieData;
    if(request.headers.cookie) {
      var cookies = cookie.parse(request.headers.cookie);
      if(cookies[convertCookieName]) {
        cookieData = cookies[convertCookieName];

    response.setHeader('Set-Cookie', cookie.serialize(convertCookieName, cookieData, {
      maxAge: 15768000,
      path: '/',
      domain: yourTopDomain

Node JS Express Code

Requires cookie-parser module required as cookieParser is no longer bundled with Express and must be installed separately.

    var currentTime = Math.floor(;
    var convertCookieName = "_conv_v";
  var yourTopDomain = "";
    var defaultCookieData = "vi:1*sc:0*cs:"+currentTime+"*fs:"+currentTime+"*pv:0";

    var cookieData = defaultCookieData;
    if(request.cookies[convertCookieName]) {
      cookieData = request.cookies[convertCookieName];

    response.cookie(convertCookieName, cookieData, { 
      maxAge: 15768000 * 1000,
      path: '/',
      domain: yourTopDomain

Ruby Code

currentTime =
convertCookieName = "_conv_v"
yourTopDomain = ""
defaultCookieData = "vi:1*sc:0*cs:#{currentTime}*fs:#{currentTime}*pv:0"

cookieData = defaultCookieData
if request.cookies[convertCookieName]
    cookieData = request.cookies[convertCookieName]

    :value => cookieData,
    :domain => yourTopDomain,
    :path => "/",
    :expires => + 15768000)

request is instance of Rack::Request
response is instance of Rack::Response

Python Code

import Cookie
import datetime
import os

currentTime ='%s')
convertCookieName = '_conv_v'
yourTopDomain = ''
defaultCookieData = 'vi:1*sc:0*cs:'+currentTime+'fs:'+currentTime+'*pv:0'
cookieData = Cookie.SimpleCookie()
if 'HTTP_COOKIE' in os.environ:
if (convertCookieName not in cookieData) or (not cooieData[convertCookieName].value.strip()):
    cookieData[convertCookieName] = defaultCookieData
# Set the cookie
cookieData[convertCookieName]['domain'] = yourTopDomain
cookieData[convertCookieName]['path'] = '/'
cookieData[convertCookieName]['max-age'] = 15768000
print cookieData[convertCookieName].output()


Shopify (or any similar platform where you are prevented from adding any of the above code)

In the case that you are unable to add the required code (such as on Shopify's platform), the solution will be such as the following:

  1. Create a subdomain of your main domain and host it somewhere.
  2. Upload one of the scripts mentioned above to the host of the new subdomain. That host would need to support the language the script used, from the ones mentioned in this article. You will need to verify the script is running on the server correctly when called.
  3. Call the script in Shopify (eg templates, additional scripts, etc.). Tip: You can do it this way: <img src="cookiescript.php" width="0" height="0">
    You will have to store it in the theme.liquid, cart-template.liquid (if possible in your Shopify install). 


Contact us through the support channels if you have any questions about the above.

Need assistance? Start a conversation with our Support Team.

Reliably Convert More Site Visitors, Even If Everything Else is Changing in Your Business.

✓ No Credit Card  ✓ Easy Set-Up  ✓ Access All Features