Re: FYI: Same-site cookies.

Hi Mike – FYI I turned this into a TAG issue here and we will discuss and
assign this week at our f2f. Dan

On Fri, Mar 25, 2016 at 9:37 AM Mike West <> wrote:

> Hello, lovely TAG enthusiasts.
> The last few times I've visited with y'all, we've chatted a bit about
> upcoming changes to cookies. I'd like to draw your attention to one in
> particular, as Alex suggested that it might be relevant to some discussions
> you're having regarding the same-origin policy.
> We're planning on shipping a `SameSite` attribute (née "First-Party-Only"
> (née "First-Party")) in Chrome ~51 that aims to address CSRF and
> information leakage attacks. I'm pretty excited about it, and folks at
> Mozilla seem equally interested:
> Spec:
> Intent to Ship:
> Feedback from y'all on this feature or others that you might be interested
> in seeing would be totally welcome.
> Thanks!
> -mike

Received on Wednesday, 30 March 2016 14:40:40 UTC