- From: Daniel Veditz <dveditz@mozilla.com>
- Date: Thu, 5 May 2016 08:11:52 -0700
- To: Martin Thomson <martin.thomson@gmail.com>
- Cc: Mark Nottingham <mnot@mnot.net>, HTTP Working Group <ietf-http-wg@w3.org>
Received on Thursday, 5 May 2016 15:20:28 UTC
On Wed, May 4, 2016 at 7:24 AM, Martin Thomson <martin.thomson@gmail.com> wrote: > On 4 May 2016 at 17:17, Mark Nottingham <mnot@mnot.net> wrote: > > 1) Your intent to implement it (or lack thereof). > We are currently working on supporting same-site cookies, targeting Firefox 50 . > > 2) Your support for the spec (or lack thereof). > Mozilla supports this feature. > My only reservation is the further slide > > into cookie-madness. Cookies never played by origin, but we're making > > it worse and worse and worse. > How so? Cookies are already madness; the recent proposals have been attempts to give sites a way to opt-in to safer behaviors without forcing everything to upgrade at once. - Dan Veditz
Received on Thursday, 5 May 2016 15:20:28 UTC