- From: Daniel Appelquist <notifications@github.com>
- Date: Wed, 30 Mar 2016 07:38:03 -0700
- To: w3ctag/spec-reviews <spec-reviews@noreply.github.com>
Received on Wednesday, 30 March 2016 14:38:32 UTC
>From @mikewest : https://lists.w3.org/Archives/Public/www-tag/2016Mar/0008.html > Hello, lovely TAG enthusiasts. > > The last few times I've visited with y'all, we've chatted a bit about upcoming changes to cookies. I'd like to draw your attention to one in particular, as Alex suggested that it might be relevant to some discussions you're having regarding the same-origin policy. > > We're planning on shipping a `SameSite` attribute (née "First-Party-Only" (née "First-Party")) in Chrome ~51 that aims to address CSRF and information leakage attacks. I'm pretty excited about it, and folks at Mozilla seem equally interested: > > Spec: https://tools.ietf.org/html/draft-west-first-party-cookies > > Intent to Ship: https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/csCtW3M3-wg > > Feedback from y'all on this feature or others that you might be interested in seeing would be totally welcome. > > Thanks! --- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/w3ctag/spec-reviews/issues/114
Received on Wednesday, 30 March 2016 14:38:32 UTC