[Webkit-unassigned] [Bug 218002] New: SameSite=Lax cookies are not sent along with fetch request from extension

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Oct 20 16:29:06 PDT 2020 

https://bugs.webkit.org/show_bug.cgi?id=218002

            Bug ID: 218002
           Summary: SameSite=Lax cookies are not sent along with fetch
                    request from extension
           Product: WebKit
           Version: Safari 14
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Major
          Priority: P2
         Component: WebKit2
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: zimbabao at gmail.com

We are migrating a chrome WebExtension. The extension makes API calls from the popup to our domain.
We are a subscription service and expect auth-cookie to be sent along with API requests from the extension. Our auth cookies are SameSite=Lax.

Chrome and Firefox allow SameSite=Lax cookie to be sent with API calls from the extension, but Safari does not.

The expected behavior is: SameSite: Lax cookies should follow the behavior as extension in Chrome and Firefox.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20201020/b49c6e94/attachment-0001.htm>

More information about the webkit-unassigned mailing list