Closed
Bug 1682450
Opened 4 years ago
Closed 4 years ago
When multiple SameSite attributes are present Firefox should parse the final one
Categories
(Core :: DOM: Security, defect, P2)
Core
DOM: Security
Tracking
()
RESOLVED
FIXED
86 Branch
Tracking | Status | |
---|---|---|
firefox86 | --- | fixed |
People
(Reporter: englehardt, Assigned: englehardt)
Details
(Whiteboard: [domsecurity-active], [wptsync upstream])
Attachments
(1 file)
See https://github.com/httpwg/http-extensions/issues/933. We've decided to align with the most recent version of the spec and only parse the final SameSite attribute. This also aligns with every other cookie attribute that accepts multiple values.
Assignee | ||
Comment 1•4 years ago
|
||
Updated•4 years ago
|
Severity: -- → S3
Priority: -- → P2
Whiteboard: [domsecurity-active]
Pushed by senglehardt@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/c4a59b084d7b Parse only the final SameSite attribute when mutliple are present; r=baku
Created web-platform-tests PR https://github.com/web-platform-tests/wpt/pull/26978 for changes under testing/web-platform/tests
Whiteboard: [domsecurity-active] → [domsecurity-active], [wptsync upstream]
Comment 4•4 years ago
|
||
bugherder |
Status: NEW → RESOLVED
Closed: 4 years ago
status-firefox86:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 86 Branch
Upstream PR merged by moz-wptsync-bot
You need to log in
before you can comment on or make changes to this bug.
Description
•