Twitter | Pretraživanje | |
Simo Ahava
An amazingly well written description of the upcoming SameSite cookie enforcement in Chrome 80. If your org makes use of cross-origin cookie access, you’re running out of time to fix before Feb 4. Via
Cookies like to get around. They have no scruples about where they go save for some basic constraints relating to the origin from which they were set. I mean have a think about it: If a website sets...
Troy Hunt Troy Hunt @troyhunt
Reply Retweet Označi sa "sviđa mi se" More
John Wilander 4. sij
Odgovor korisniku/ci @SimoAhava @troyhunt
It’s not cross-origin cookies that are affected, it’s cross-site cookies.
Reply Retweet Označi sa "sviđa mi se"
Simo Ahava 4. sij
Odgovor korisniku/ci @johnwilander @troyhunt
I was hoping no one would notice that
Reply Retweet Označi sa "sviđa mi se"
Rogue Photo 4. sij
Odgovor korisniku/ci @SimoAhava @SwiftOnSecurity @troyhunt
Boy, remember the good old days when this was gonna be the standard? And when your browser was maybe not gonna run cross-origined code? Of course, they'll "fix" the cookies, but still run code from wherever, but cookies are more important, right.
Reply Retweet Označi sa "sviđa mi se"
Simo Ahava 4. sij
Also, this is a security move, not a privacy improvement. Cross-site tracking is still unimpeded as vendors can simply flag their trackers as SameSite=None;Secure.
Reply Retweet Označi sa "sviđa mi se"