W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2016

I-D Action: draft-west-first-party-cookies-05.txt

From: <internet-drafts@ietf.org>
Date: Thu, 21 Jan 2016 01:15:35 -0800
To: <i-d-announce@ietf.org>
Cc: ietf-http-wg@w3.org
Message-ID: <20160121091535.13084.74672.idtracker@ietfa.amsl.com>

A New Internet-Draft is available from the on-line Internet-Drafts directories.
 This draft is a work item of the Hypertext Transfer Protocol Working Group of the IETF.

        Title           : Same-site Cookies
        Authors         : Mike West
                          Mark Goodwin
	Filename        : draft-west-first-party-cookies-05.txt
	Pages           : 12
	Date            : 2016-01-21

   This document updates RFC6265 by defining a "SameSite" attribute
   which allows servers to assert that a cookie ought not to be sent
   along with cross-site requests.  This assertion allows user agents to
   mitigate the risk of cross-origin information leakage, and provides
   some protection against cross-site request forgery attacks.

The IETF datatracker status page for this draft is:

There's also a htmlized version available at:

A diff from the previous version is available at:

Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
Received on Thursday, 21 January 2016 09:16:05 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 22 March 2016 12:47:11 UTC