Bug 218002 - SameSite=Lax cookies are not sent along with fetch request from extension
Summary: SameSite=Lax cookies are not sent along with fetch request from extension
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebKit2 (show other bugs)
Version: Safari 14
Hardware: Unspecified Unspecified
: P1 Major
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2020-10-20 16:29 PDT by Rajaram Gaunker
Modified: 2023-12-05 17:52 PST (History)
11 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Rajaram Gaunker 2020-10-20 16:29:06 PDT 
We are migrating a chrome WebExtension. The extension makes API calls from the popup to our domain.
We are a subscription service and expect auth-cookie to be sent along with API requests from the extension. Our auth cookies are SameSite=Lax.

Chrome and Firefox allow SameSite=Lax cookie to be sent with API calls from the extension, but Safari does not.

The expected behavior is: SameSite: Lax cookies should follow the behavior as extension in Chrome and Firefox.
Comment 1 Smoley 2020-10-22 14:07:03 PDT 
Thanks for filing. For internal tracking this may be related to rdar://64303685.
Comment 2 Radar WebKit Bug Importer 2020-10-22 14:08:11 PDT 
<rdar://problem/70588554>