-
Notifications
You must be signed in to change notification settings - Fork 31
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Servers Partitioning All Cookies #84
Comments
There are a few effects of doing this that come to my mind right now, mostly regarding partitioning top-level cookies:
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The documentation states that partitioning is an opt-in in order for third party cookies to work in some contexts (same top level sites). It briefly goes over some reasons such as the principle of least privilege and avoiding unexpected bugs in the browswer.
However, my question is what are the downsides / issues if an application server partitions all applicable (ie. SameSite=None & Secure) cookies? The documentation mentioned browsers partitioning by default, but what if the servers added the "Partitioned" attribute to all eligible cookies avoid applications from breaking.
Appreciate any help. Thanks!
Edit: Would the consequences of a server partitioning all cookies be the same as if the browser partitioned by default -- simply avoiding unexpected bugs?
The text was updated successfully, but these errors were encountered: