Closed
Bug 1960824
Opened 26 days ago
Closed 11 days ago
Revisit sameSite=none requires secure
Categories
(Core :: Networking: Cookies, defect, P2)
Core
Networking: Cookies
Tracking
()
RESOLVED
FIXED
140 Branch
| Tracking | Status | |
|---|---|---|
| firefox140 | --- | fixed |
People
(Reporter: baku, Assigned: baku)
Details
(Whiteboard: [necko-triaged])
Attachments
(2 files)
This feature is not correctly implemented because of:
- how we set the sameSite default value
- how we check the cookie sameSite attribute for none-requires-secure
I suggest disabling this feature, fixing the issue, and testing it nightly for a few cycles.
|
Assignee | |
Comment 1•26 days ago
|
||
|
||
Updated•26 days ago
|
Assignee: nobody → amarchesini
Status: NEW → ASSIGNED
Pushed by amarchesini@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/84c0fce4a156
Fix and disable "sameSite=none requires secure" in !nightly, r=edgul,cookie-reviewers
Backout by chorotan@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/6e2e24c9d89b
Backed out changeset 84c0fce4a156 for causing multiple failures. CLOSED TREE
|
||
Comment 4•26 days ago
•
|
||
Backed out for causing multiple failures
A few failure logs:
Failure log GTest
Failure log Xpc
Failure log xpc
Failure log bc
Failure log gv-junit
Failure log dt
Failure log wpt
|
|
||
Updated•26 days ago
|
Flags: needinfo?(amarchesini)
|
|
||
Updated•25 days ago
|
Attachment #9479313 -
Attachment description: Bug 1960824 - Fix and disable "sameSite=none requires secure" in !nightly, r?edgul → Bug 1960824 - Fix and disable "sameSite=none requires secure", r?edgul
|
|
Assignee | |
Updated•25 days ago
|
Flags: needinfo?(amarchesini)
|
||
Updated•24 days ago
|
Severity: -- → S3
Priority: -- → P2
Whiteboard: [necko-triaged]
Pushed by amarchesini@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/6b47faf8efee
Fix and disable "sameSite=none requires secure", r=edgul,cookie-reviewers,valentin
Backed out for causing dt failures @browser_webconsole_warning_group_cookies.js
Flags: needinfo?(amarchesini)
|
|
Assignee | |
Updated•19 days ago
|
Flags: needinfo?(amarchesini)
|
|
Assignee | |
Comment 7•18 days ago
|
||
Pushed by amarchesini@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/d01a1a055fec
Introduce nsICookie::SAMESITE_UNSET, r=edgul,webdriver-reviewers,extension-reviewers,cookie-reviewers,valentin,Sasha,robwu
|
||
Comment 9•11 days ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 11 days ago
status-firefox140:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 140 Branch
You need to log in
before you can comment on or make changes to this bug.
Description
•