RESOLVED FIXED 265634
Samesite=Lax is not always working in Safari 
https://bugs.webkit.org/show_bug.cgi?id=265634
Summary Samesite=Lax is not always working in Safari
Karl Dubost
Reported 2023-12-01 00:39:40 PST
In Bug 255524 There is a long thread of discussions around the fact that some users have issues with cookies not working. Most of the time, developers have been able to solve it by setting Samesite = None instead of Samesite = Lax. This is not an acceptable solution, security wise. ed created a demo for reproducing the issue. See Bug 255524 Comment #75 https://github.com/edimoldovan/safari-cookies-test Additional Notes: - localhost with no proxy running - someone says that this happening with iframes. The WebKit opened this bug to continue the investigation and possibly tries to identify the culprit. Todo: * Trying to get to a point where we can reliably reproduce the bug.
Attachments
Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2023-12-08 00:40:14 PST
<rdar://problem/119362503>
youenn fablet
Comment 2 2023-12-14 08:45:39 PST
Pull request: https://github.com/WebKit/WebKit/pull/21801
youenn fablet
Comment 3 2023-12-14 08:47:36 PST
<rdar://117905897>
EWS
Comment 4 2023-12-14 12:13:38 PST
Committed 272062@main (3096c561acce): <https://commits.webkit.org/272062@main> Reviewed commits have been landed. Closing PR #21801 and removing active labels.
Peter
Comment 5 2024-03-27 03:27:34 PDT
Do you plan to backport this to 16.x?
Note You need to log in before you can comment on or make changes to this bug.