- From: <internet-drafts@ietf.org>
- Date: Mon, 25 Jan 2016 06:08:29 -0800
- To: <i-d-announce@ietf.org>
- Cc: ietf-http-wg@w3.org
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Hypertext Transfer Protocol Working Group of the IETF. Title : Same-site Cookies Authors : Mike West Mark Goodwin Filename : draft-west-first-party-cookies-06.txt Pages : 13 Date : 2016-01-25 Abstract: This document updates RFC6265 by defining a "SameSite" attribute which allows servers to assert that a cookie ought not to be sent along with cross-site requests. This assertion allows user agents to mitigate the risk of cross-origin information leakage, and provides some protection against cross-site request forgery attacks. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-west-first-party-cookies/ There's also a htmlized version available at: https://tools.ietf.org/html/draft-west-first-party-cookies-06 A diff from the previous version is available at: https://www.ietf.org/rfcdiff?url2=draft-west-first-party-cookies-06 Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. Internet-Drafts are also available by anonymous FTP at: ftp://ftp.ietf.org/internet-drafts/
Received on Monday, 25 January 2016 14:08:57 UTC