[webkit-dev] Same-Site cookies by default
Patrick Griffis
pgriffis at igalia.com
Fri Mar 6 13:07:22 PST 2020
Chromium has had the idea to treat all cookies as SameSite=Lax by
default as well as blocking SameSite=None over HTTP for a while now,
hidden behind a flag, and seem to be rolling this out soon.
The topic is discussed in detail here:
https://web.dev/samesite-cookies-explained/#changes-to-the-default-behavior-without-samesite
I just wondered if other developers had any thoughts on this move and
if/when WebKit should follow. The downside is of course compatibility
but the upside is improved privacy.
More information about the webkit-dev
mailing list