[Webkit-unassigned] [Bug 209547] New: Cookies can be sent to a 3rd party context
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Mar 25 10:11:36 PDT 2020
https://bugs.webkit.org/show_bug.cgi?id=209547
Bug ID: 209547
Summary: Cookies can be sent to a 3rd party context
Product: WebKit
Version: Safari 13
Hardware: Macintosh
OS: macOS 10.15
Status: NEW
Severity: Normal
Priority: P2
Component: New Bugs
Assignee: webkit-unassigned at lists.webkit.org
Reporter: ericlaw at microsoft.com
Created attachment 394513
--> https://bugs.webkit.org/attachment.cgi?id=394513&action=review
example of unexpected cookies
In playing with these two test pages:
http://enhanceie.com/test/cookie/
http://www.debugtheweb.com/test/cookie/default2.asp
Sometimes using the "Swap 1st party and 3rd Party" button to open cross-origin versions of the pages.
... I sometimes find that cookies are being sent to a 3rd party site.
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Safari/605.1.15
Other screenshots at https://twitter.com/ericlaw/status/1242852252940935171
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20200325/1a095a7d/attachment.htm>
More information about the webkit-unassigned
mailing list