Issue with "Set-Cookie": Add SameParty attribute information to the page
#2907
Comments
summercms
changed the title
SameParty attribute information to the page
|
Hey @ayumi-cloud, thank you for reporting this. Would you mind to open an issue with https://github.com/mdn/browser-compat-data/issues/new as well to update the compatibility table (fed by the data stored over in that repo)? That would be wonderful! |
chrisdavidmills
added
the
needs triage
hamishwillee
added
p2
|
@Elchi3 FYI only. You're the HTTP triager according to the process, but I had a go at this for practice since none of "mine" came up. I put P2 as HTTP is tier 1 but IMO this is too new to be considered in any way urgent. I think this will take some time, because anything potentially affecting BCD takes forever. Also because I think it may take some time to get our heads around. The linked docs seem comprehensive. The most relevant bit is probably the link here https://github.com/cfredric/sameparty |
|
Thanks @hamishwillee! Imo no need to feel bad about stepping on my or anyones toes. We will need to see how the new triage process works best. Please feel free to act on anything you like to act on. I don't have the bandwidth to do it all anyways. (same for anyone else who wants to triage or help in any way). Your P2 assessment makes sense to me. |
|
I was reading into the issue on BCD about this. It appears to be an origin trial in Chrome only. I don't think this is shipping by default anywhere. @jpmedley might have an opinion on whether this ought to be documented at all (and I'm inclined to skip it for BCD). |
|
Origin trials should not be documented on MDN in any way. (Chris has agreed to this, but I don't know if it's written down anywhere.) Origin trials are not part of the web platform. Pages using them require a Google-issued token, which can be turned off at any time. Origin trials may or may not become part of the platform. When they do become part of the platform they may or may not use the same design. If they do, that says more about the design than about origin trials. |
|
Great. I guess the problem for us is that at the point an issue like this appears it isn't obvious that this is an origin trial. I'll close this for now. We can revisit if it ends up becoming real. |
MDN URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie
What information was incorrect, unhelpful, or incomplete?
Missing content.
Specific section or headline?
Add information about the new
SamePartyattribute.What did you expect to see?
I've merged all the information on the web about this new attribute, you can find here:
https://github.com/ayumi-cloud/sc-security-module/blob/master/docs/cookie_first_party_sets.md
Did you test this? If so, how?
No, testing needed. Just need to add info about this new attribute to the page and also update the Browser compatibility table. Google Chrome has added it in v89 see here: https://www.chromestatus.com/feature/5280634094223360
MDN Content page report details
en-us/web/http/headers/set-cookieThe text was updated successfully, but these errors were encountered: