Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider adding None to the list of values for the SameSite attribute. #788

Closed
mikewest opened this issue Apr 9, 2019 · 1 comment
Closed

Consider adding None to the list of values for the SameSite attribute. #788

mikewest opened this issue Apr 9, 2019 · 1 comment
Assignees
@mikewest
Labels
6265bis

Comments

@mikewest
Copy link
Member

mikewest commented Apr 9, 2019

Giving developers an explicit keyword that asserts non-SameSiteness seems like it's both helpful from an explanatory perspective, and could open paths towards tightening cookie behavior in the future. Perhaps something like SameSite=None to represent the status quo default behavior. That is, the following two Set-Cookie header values would produce the same cookie today:

name=value

name=value; SameSite=None
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mikewest mikewest

Labels
6265bis
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mikewest and others