W3C home > Mailing lists > Public > public-webappsec@w3.org > June 2013

Cross-Origin Cookies Sharing Proposal

From: Huan Du <dh20156@gmail.com>
Date: Fri, 21 Jun 2013 19:49:39 +0800
Message-ID: <CAMBN-K4y891dJcAngvw0sBgPrpC0NFGGCuq0cL17=wrn+UB1oQ@mail.gmail.com>
To: (wrong string) ‹Šž <csf178@gmail.com>, yiorsi@gmail.com
Guys,

As privacy awareness becomes prevelant, the trend is that future
browsers are going to ban third-party Cookies by default.

This is a good thing for users, but for giant internet companies, this has
no doubt increases the difficult and complexity of implementing user session
synchronization.

Is it possible to, like Cross-Origin Resource Sharing, allow a site to
indicate which domains it would like to share Cookies with?

The user account management system of Alibaba  have encountered this issues
and been troubled by this issue. It there's a proposal like this, it would
be very nice.

Regards,
Charlie Du
Received on Friday, 21 June 2013 11:50:06 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:02 UTC