Open Bug 848437 Opened 10 years ago Updated 3 years ago

JSONP should not be broken by new limit_third_party cookie policy


(Core :: DOM: Core & HTML, defect, P5)





(Reporter: geekboy, Unassigned)


(Blocks 1 open bug)


We should try to make sure that JSONP is not broken by this new cookie policy so pre-CORS site implementations continue to work.  (This is related to bug 844622, but not precisely.)
Could you give an example of an adversely affected JSONP flow? As with CORS, I don't follow why there would be a problem.
I don't think we should allow using JSONP to work around the new cookie policy. That would open up a loophole that everyone would drive through and the policy would effectively be useless.
Priority: -- → P5
Component: DOM → DOM: Core & HTML
You need to log in before you can comment on or make changes to this bug.