Open Bug 1749679 Opened 2 years ago Updated 6 months ago

Remove SameSite cookie related experimental features from about:preferences


(Core :: Networking: Cookies, task, P3)





(Reporter: t.matsuu, Unassigned)



(Whiteboard: [necko-triaged])

The following features have been enabled since 96 (released version) by bug 1617609.
It's time to say good bye from experimental feature list.

  • Cookies: SameSite=Lax by default
  • Cookies: Schemeful SameSite
  • SameSite=None requires secure attribute
Severity: -- → N/A
Priority: -- → P2
Whiteboard: [necko-triaged]

As a SUMO volunteer, I suggest not acting too quickly due to a significant amount of fresh site breakage being reported with users' financial institution sites and faculty/student Canvas/Kaltura sites. It is still not clear why these sites work with laxByDefault in Chrome/Edge and not Firefox.

Indeed: we had to immediately disable those features in a point release after shipping. As jscher mentioned there was a lot of site breakage that wasn't apparent with the smaller Beta population. See bug 1618610. Doing this definitely needs to wait until after bug 1617609 is actually RESOLVED; it's currently REOPENED.

See Also: → sameSiteLax-breakage
Priority: P2 → P3
You need to log in before you can comment on or make changes to this bug.