Wikipedia

HTTP cookie: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
Cross-site scripting: cookie theft: fix syntaxhighlight error
m {{anchor|SameSite cookie}}Same-site cookie: Grammar - "keep all apps run as before" sb "let all apps run as before"; correcting edit done by Pleasancoder on 2020 April 4‎ at 14:09
Line 53:
The Same-site cookie is incorporated into [https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-07 a new RFC draft for "Cookies: HTTP State Management Mechanism"] to update RFC 6265 (if approved).
 
Chrome, Firefox, Microsoft Edge all started to support Same-site cookies.<ref name="sJzIz">{{Cite web|url=https://www.lambdatest.com/SameSite-cookie-attribute|title = Browser Compatibility Testing of 'SameSite' cookie attribute}}</ref> The key of rollout is the treatment of existing cookies without the SameSite attribute defined, Chrome has been treating those existing cookies as if SameSite=None, this would keeplet all website/applications run as before. Google intended to change that default to SameSite=Lax in February 2020,<ref name="QPJhf">{{Cite web|title=SameSite Cookie Changes in February 2020: What You Need to Know|url=https://blog.chromium.org/2020/02/samesite-cookie-changes-in-february.html|access-date=2021-04-05|website=Chromium Blog|language=en}}</ref> the change would break those applications/websites that rely on third-party/cross-site cookies, but without SameSite attribute defined. Given the extensive changes for web developers and [[COVID-19]] circumstances, Google temporarily rolled back the SameSite cookie change.<ref name="Ne4hV">{{Cite web|title=Temporarily rolling back SameSite Cookie Changes|url=https://blog.chromium.org/2020/04/temporarily-rolling-back-samesite.html|access-date=2021-04-05|website=Chromium Blog|language=en}}</ref>
 
===Supercookie===
Retrieved from "https://en.wikipedia.org/wiki/HTTP_cookie"