Skip to content

Commit

Permalink
[FedCM] Send SameSite=Lax cookies, in addition to None
Browse files Browse the repository at this point in the history 
See discussion in w3c-fedid/FedCM#587

This is behind the FedCmSameSiteLax flag for now.

Bug: 350944661
Change-Id: I3e5fe99b98560f680217cd3326ff66d290a5290f
  • Loading branch information
@cbiesinger @chromium-wpt-export-bot
cbiesinger authored and chromium-wpt-export-bot committed Jul 9, 2024
1 parent 17e3ded commit e4807d7
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions fedcm/support/accounts_check_same_site_strict.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ def main(request, response):
return request_error
if request.cookies.get(b"same_site_strict") == b"1":
return (546, [], "Should not send SameSite=Strict cookies")
# TODO(crbug.com/350944661): We want to send these cookies.
if request.cookies.get(b"same_site_lax") == b"1":
return (547, [], "Should not send SameSite=Lax cookies")
if request.headers.get(b"Sec-Fetch-Site") != b"cross-site":
Expand Down
1 change: 1 addition & 0 deletions fedcm/support/token_check_same_site_strict.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ def main(request, response):
return request_error
if request.cookies.get(b"same_site_strict") == b"1":
return (546, [], "Should not send SameSite=Strict cookies")
# TODO(crbug.com/350944661): We want to send these cookies.
if request.cookies.get(b"same_site_lax") == b"1":
return (547, [], "Should not send SameSite=Lax cookies")

Expand Down

0 comments on commit e4807d7

Please sign in to comment.