[webkit-dev] Same-Site cookies by default

Patrick Griffis pgriffis at igalia.com
Fri Mar 6 13:07:22 PST 2020

Chromium has had the idea to treat all cookies as SameSite=Lax by
default as well as blocking SameSite=None over HTTP for a while now,
hidden behind a flag, and seem to be rolling this out soon.

The topic is discussed in detail here:

I just wondered if other developers had any thoughts on this move and
if/when WebKit should follow. The downside is of course compatibility
but the upside is improved privacy.

More information about the webkit-dev mailing list