[Webkit-unassigned] [Bug 232440] Service Worker breaks sameSite=lax cookies
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Nov 15 06:58:59 PST 2021
https://bugs.webkit.org/show_bug.cgi?id=232440
--- Comment #6 from erik.witt at baqend.com ---
Hey, yes, I see the same thing. Using the address bar at all seems to set the context to same site. In that case even the sameSite=strict cookies send, I think.
However using the back button (and afterwards reloading via ctrl+r) results in the issue but also when you follow a link e.g. from Google.
We actually would this issue on production pages when navigating from an external payment provider (PayPal) back to the page. In that case the session was cleared and the order process aborted because of it.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20211115/de26edaf/attachment.htm>
More information about the webkit-unassigned
mailing list