I've been just forbidding third party cookies and forcing any domain that isn't on a permit-list to expire at end of session for the longest time and I feel like it's been pretty effective
(tbqh i can think of maybe like two sites i'd ever actually want to use that actually need 3rd party cookies to function)
but placing cookies in their own isolated, per-site namespace? cool