[Webkit-unassigned] [Bug 257845] New: SameSite=None cookies are rejected unless the Secure attribute is set. Differences with other browsers

Wed Jun 7 22:27:54 PDT 2023

https://bugs.webkit.org/show_bug.cgi?id=257845

            Bug ID: 257845
           Summary: SameSite=None cookies are rejected unless the Secure
                    attribute is set. Differences with other browsers
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
               URL: https://samesite-sandbox.glitch.me
                OS: Unspecified
            Status: NEW
          Keywords: BrowserCompat, WPTImpact
          Severity: Normal
          Priority: P2
         Component: New Bugs
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: karlcow at apple.com
                CC: webkit-bug-importer at group.apple.com, youennf at gmail.com

Steps to reproduce: 

1. Go to https://samesite-sandbox.glitch.me

See differences in between Safari, Firefox Nightly and Chrome Canary

2. Go to https://samesitetest.com/

See differences in between Safari, Firefox Nightly and Chrome Canary

It would be good to figure out the differences and how it impacts web compatibility. 

Maybe that would explain some of the issues detected in the comments of Bug 255524

But this one seems to be an obvious one.
https://wpt.fyi/results/cookies/samesite-none-secure/cookies-without-samesite-must-be-secure.https.html?label=master&label=experimental&aligned&q=samesite

Also 
https://wpt.fyi/results/cookies/samesite?label=master&label=experimental&aligned&q=samesite

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230608/e037427f/attachment-0001.htm>