257845 – SameSite=None cookies are rejected unless the Secure attribute is set. Differences with other browsers

NEW 257845

SameSite=None cookies are rejected unless the Secure attribute is set. Differences with other browsers

https://bugs.webkit.org/show_bug.cgi?id=257845

Summary SameSite=None cookies are rejected unless the Secure attribute is set. Differ...

Karl Dubost

Reported 2023-06-07 22:27:54 PDT

Steps to reproduce: 1. Go to https://samesite-sandbox.glitch.me See differences in between Safari, Firefox Nightly and Chrome Canary 2. Go to https://samesitetest.com/ See differences in between Safari, Firefox Nightly and Chrome Canary It would be good to figure out the differences and how it impacts web compatibility. Maybe that would explain some of the issues detected in the comments of Bug 255524 But this one seems to be an obvious one. https://wpt.fyi/results/cookies/samesite-none-secure/cookies-without-samesite-must-be-secure.https.html?label=master&label=experimental&aligned&q=samesite Also https://wpt.fyi/results/cookies/samesite?label=master&label=experimental&aligned&q=samesite

Attachments
Add attachment proposed patch, testcase, etc.

Radar WebKit Bug Importer

Comment 1 2023-06-07 22:28:04 PDT

Note You need to log in before you can comment on or make changes to this bug.

Status NEW

Resolution

Priority P2

Severity Normal

Classification Unclassified

Version WebKit Nightly Build

Hardware Unspecified

OS Unspecified

Product WebKit

Component New Bugs

Assignee

Nobody

Reported

2023-06-07 22:27 PDT

Modified

2023-06-12 16:07 PDT History

CC List

5 users Show

URL

Keywords BrowserCompat, InRadar, WPTImpact

Depends on

Blocks