On Mon, Sep 14, 2020 at 10:00 AM Michael Reeps <mre...@gmail.com> wrote:
> I am seeing this warning now, even when I am in a first party context: > > Cookie "xxx” will be soon rejected because it has the “SameSite” attribute > set to “None” or an invalid value, without the “secure” attribute. The > cookies in question are set in the .cfainstitute.org domain and being > read only in that same domain. Am I to infer they are going to be rejected > anyway, simply because they lack the "secure" attribute? > That is what the proposed spec change requires, yes. https://tools.ietf.org/html/draft-west-cookie-incrementalism-01#section-3.2 -Dan Veditz _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
