Hi Mike – FYI I turned this into a TAG issue here https://github.com/w3ctag/spec-reviews/issues/114 and we will discuss and assign this week at our f2f. Dan On Fri, Mar 25, 2016 at 9:37 AM Mike West <mkwst@google.com> wrote: > Hello, lovely TAG enthusiasts. > > The last few times I've visited with y'all, we've chatted a bit about > upcoming changes to cookies. I'd like to draw your attention to one in > particular, as Alex suggested that it might be relevant to some discussions > you're having regarding the same-origin policy. > > We're planning on shipping a `SameSite` attribute (née "First-Party-Only" > (née "First-Party")) in Chrome ~51 that aims to address CSRF and > information leakage attacks. I'm pretty excited about it, and folks at > Mozilla seem equally interested: > > Spec: https://tools.ietf.org/html/draft-west-first-party-cookies > > Intent to Ship: > https://groups.google.com/a/chromium.org/forum/#!topic/blink-dev/csCtW3M3-wg > > Feedback from y'all on this feature or others that you might be interested > in seeing would be totally welcome. > > Thanks! > > -mike >Received on Wednesday, 30 March 2016 14:40:40 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:57:13 UTC