[Webkit-unassigned] [Bug 159464] New: Implement the `SameSite` cookie attribute.

Wed Jul 6 05:29:41 PDT 2016

https://bugs.webkit.org/show_bug.cgi?id=159464

            Bug ID: 159464
           Summary: Implement the `SameSite` cookie attribute.
    Classification: Unclassified
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Enhancement
          Priority: P2
         Component: WebCore Misc.
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mkwst at chromium.org

https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site defines a `SameSite` cookie attribute which allows servers to mitigate the risk of cross-site request forgery attacks, as well as some kinds of cross-origin information leakage.

Chrome shipped this feature in 51 (https://bugs.chromium.org/p/chromium/issues/detail?id=459154#c32), Firefox is working on an implementation (https://bugzilla.mozilla.org/show_bug.cgi?id=795346). It would be lovely if WebKit could do the same.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160706/023bc1a9/attachment.html>