Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mention SameSite cookies in accounts fetch #550

Merged
merged 4 commits into from
Feb 14, 2025
Merged

Mention SameSite cookies in accounts fetch #550

merged 4 commits into from
Feb 14, 2025

Conversation

npm1
Copy link
Collaborator

@npm1 npm1 commented Mar 12, 2024
edited by pr-preview bot
Loading

This PR adds a mention to which cookies ought to be sent in the accounts fetch. Once cookie layering work is done, we can remove this note and properly specify it.

Relevant issue: #609

Preview | Diff

@npm1
Copy link
Collaborator Author

npm1 commented Sep 11, 2024

This PR aligns the spec with the Chrome implementation. But there is some feedback that we may need to change the implementation on #587. We can either keep this PR pending the resolution of that or land it and possibly address the changes from that later.

cbiesinger
cbiesinger reviewed Sep 12, 2024
View reviewed changes
Copy link
Collaborator

@cbiesinger cbiesinger left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Section 2 ("The Browser API") says that "unpartitioned cookies are included, as if the resource was loaded as a same-origin request, e.g. regardless of the SameSite value". That should probably be updated too?

spec/index.bs Outdated Show resolved Hide resolved
npm1 added 2 commits September 18, 2024 17:00
@npm1
Mention SameSite cookies in accounts fetch
bfbfc6b 
This PR adds a mention to which cookies ought to be sent in the accounts fetch. Once cookie layering work is done, we can remove this note and properly specify it.
@npm1
feedback
5d4f161
@npm1 npm1 force-pushed the accounts-samesite branch from 69fdf09 to 5d4f161 Compare September 18, 2024 21:00
@npm1
Copy link
Collaborator Author

npm1 commented Sep 19, 2024

Section 2 ("The Browser API") says that "unpartitioned cookies are included, as if the resource was loaded as a same-origin request, e.g. regardless of the SameSite value". That should probably be updated too?

Updated, ptal

cbiesinger
cbiesinger approved these changes Sep 19, 2024
View reviewed changes
spec/index.bs Outdated Show resolved Hide resolved
spec/index.bs Outdated Show resolved Hide resolved
TallTed
TallTed reviewed Sep 20, 2024
View reviewed changes
spec/index.bs Outdated Show resolved Hide resolved
TallTed
TallTed reviewed Sep 20, 2024
View reviewed changes
spec/index.bs Outdated Show resolved Hide resolved
@npm1 @TallTed
Apply suggestions from code review
662dc2e 
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
@npm1 npm1 merged commit a895902 into main Feb 14, 2025
1 check passed
@npm1 npm1 deleted the accounts-samesite branch February 14, 2025 18:24
github-actions bot added a commit that referenced this pull request Feb 14, 2025
@npm1 @github-actions
Mention SameSite cookies in accounts fetch (#550)
361ab4b 
SHA: a895902
Reason: push, by npm1

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
github-actions bot added a commit to mattdanielbrown/WebID that referenced this pull request Feb 14, 2025
@npm1 @github-actions
Mention SameSite cookies in accounts fetch (w3c-fedid#550)
e601182 
SHA: a895902
Reason: push, by pull[bot]

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TallTed TallTed TallTed left review comments

@cbiesinger cbiesinger cbiesinger approved these changes

@bvandersloot-mozilla bvandersloot-mozilla bvandersloot-mozilla approved these changes

Assignees
No one assigned
Labels
chrome
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@npm1 @cbiesinger @TallTed @bvandersloot-mozilla @samuelgoto