[Webkit-unassigned] [Bug 201646] New: Cookie sameSite Lax setting and .lan domains
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Tue Sep 10 09:04:24 PDT 2019
https://bugs.webkit.org/show_bug.cgi?id=201646
Bug ID: 201646
Summary: Cookie sameSite Lax setting and .lan domains
Product: WebKit
Version: Safari 12
Hardware: Macintosh
OS: macOS 10.14
Status: NEW
Severity: Major
Priority: P2
Component: New Bugs
Assignee: webkit-unassigned at lists.webkit.org
Reporter: ngoff at clearlyrated.com
I am uncertain if this is with WebKit or something deeper at the OS level. Our internal development environment uses .lan tld for all of our development servers. With the latest release of Safari and Mojave we have found that cookies are not being sent along by the browser with our ajax calls when we have the sameSite setting set to Lax. If we don't set it then everything works as normal. This appears to be a bug as we are always on the same site when this issue occurs, so it is confusing why it would determine it should not send them along. We do not see this issue in our production systems where we are using a traditional .com tld. It almost seems like the browser has determined .lan to not be 'safe enough' and therefore is not passing along the cookies like it should.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20190910/4d569dc8/attachment-0001.html>
More information about the webkit-unassigned
mailing list