Re: [blink-dev] Intent to Ship: FedCM: Credentialed requests will no longer send SameSite=Strict cookies

Thanks everyone for the approvals! This will ship in 125. Christian On Wed, Apr 24, 2024 at 3:30 PM Mike Taylor wrote: > LGTM3 > On 4/24/24 9:38 AM, Chris Harrelson wrote: > > LGTM2 > > On Wed, Apr 24, 2024 at 9:29 AM Yoav Weiss (@Shopify) < > yoavwe...@chromium.org> wrote: > >> LGTM1 >> >> On

Re: [blink-dev] Intent to Ship: FedCM: Credentialed requests will no longer send SameSite=Strict cookies

LGTM3 On 4/24/24 9:38 AM, Chris Harrelson wrote: LGTM2 On Wed, Apr 24, 2024 at 9:29 AM Yoav Weiss (@Shopify) wrote: LGTM1 On Wed, Apr 24, 2024 at 5:46 PM Christian Biesinger wrote: Hi Yoav, with regards to the spec: As Johann suggests, this can't

Re: [blink-dev] Intent to Ship: FedCM: Credentialed requests will no longer send SameSite=Strict cookies

LGTM2 On Wed, Apr 24, 2024 at 9:29 AM Yoav Weiss (@Shopify) < yoavwe...@chromium.org> wrote: > LGTM1 > > On Wed, Apr 24, 2024 at 5:46 PM Christian Biesinger < > cbiesin...@chromium.org> wrote: > >> Hi Yoav, >> >> with regards to the spec: As Johann suggests, this can't really be >> specified

Re: [blink-dev] Intent to Ship: FedCM: Credentialed requests will no longer send SameSite=Strict cookies

LGTM1 On Wed, Apr 24, 2024 at 5:46 PM Christian Biesinger wrote: > Hi Yoav, > > with regards to the spec: As Johann suggests, this can't really be > specified today and I am hoping we won't block on that as he suggests. (the > cookie spec linked from the fetch spec does not mention SameSite at

Re: [blink-dev] Intent to Ship: FedCM: Credentialed requests will no longer send SameSite=Strict cookies

Hi Yoav, with regards to the spec: As Johann suggests, this can't really be specified today and I am hoping we won't block on that as he suggests. (the cookie spec linked from the fetch spec does not mention SameSite at all... https://httpwg.org/specs/rfc6265.html#cookie) with regards to the

Re: [blink-dev] Intent to Ship: FedCM: Credentialed requests will no longer send SameSite=Strict cookies

fetch-accounts says that the origin for accounts requests is an opaque origin. What does that mean for `Same-Site: Lax` cookies? Will they be sent or not? On Tuesday, April 23, 2024 at 9:08:33 PM UTC+2 Johann Hofmann wrote: > I wanted to chime

Re: [blink-dev] Intent to Ship: FedCM: Credentialed requests will no longer send SameSite=Strict cookies

I wanted to chime in on fetch + cookies integration: Yes, it's very underspecified and leaves the computation of the actual SameSite status of cookies included in the request to the

Re: [blink-dev] Intent to Ship: FedCM: Credentialed requests will no longer send SameSite=Strict cookies

Just wanted to ping this thread -- any lgtms? Or will it be discussed at tomorrow's meeting? Christian On Thu, Apr 18, 2024 at 11:31 AM Christian Biesinger < cbiesin...@chromium.org> wrote: > > > On Wed, Apr 17, 2024 at 10:13 PM Domenic Denicola > wrote: > >> >> >> On Thu, Apr 18, 2024 at 6:19 

Re: [blink-dev] Intent to Ship: FedCM: Credentialed requests will no longer send SameSite=Strict cookies

On Wed, Apr 17, 2024 at 10:13 PM Domenic Denicola wrote: > > > On Thu, Apr 18, 2024 at 6:19 AM Christian Biesinger < > cbiesin...@chromium.org> wrote: > >> Contact emails >> >> cbiesin...@chromium.org >> >> >> Explainer >> >> See summary >> >> >> Specification >> >>

Re: [blink-dev] Intent to Ship: FedCM: Credentialed requests will no longer send SameSite=Strict cookies

On Thu, Apr 18, 2024 at 6:19 AM Christian Biesinger wrote: > Contact emails > > cbiesin...@chromium.org > > > Explainer > > See summary > > > Specification > > https://fedidcg.github.io/FedCM/#fetch-identity-assertion > I wasn't able to find the part of the spec that talks about which cookies

[blink-dev] Intent to Ship: FedCM: Credentialed requests will no longer send SameSite=Strict cookies

Contact emails cbiesin...@chromium.org Explainer See summary Specification https://fedidcg.github.io/FedCM/#fetch-identity-assertion Summary We recently changed FedCM to send ID assertion requests with CORS. As a side-effect, that