[rwth-security] Chrome/Chromium: SameSite-by-default and SameSite=None-requires-Secure Cookies by default

12 Aug 2020


      Hallo zusammen,
sofern nicht selber schon gesehen/-lesen hier [0] FYI
"Aug 11, 2020: The target rollout population has been increased 
     to 100% of users on Chrome Stable versions 80 and above, and the 
     actual proportion of users with the new behavior enabled is now 
     ramping up to 100% gradually. Users will receive the new behavior 
     when they restart Chrome."
(siehe dazu auch [1])
Auf [2] gibt es Informationen zu "Cookie Legacy SameSite Policies"
"The policies LegacySameSiteCookieBehaviorEnabled and 
     LegacySameSiteCookieBehaviorEnabledForDomainList allow 
     you to revert the SameSite behavior of cookies (possibly 
     on specific domains) to legacy behavior."
VG
Bernd
[0]
https://www.chromium.org/updates/same-site?pli=1
[1]
https://blog.chromium.org/2020/05/resuming-samesite-cookie-changes-in-july.h...
[2]
https://www.chromium.org/administrators/policy-list-3/cookie-legacy-samesite...
-- 

Bernd Kohler

IT Center
Abteilung: Netze
RWTH Aachen University
Wendlingweg 10
52074 Aachen
Tel: +49 241 80-29793
Fax: +49 241 80-22666
kohler@itc.rwth-aachen.de
https://www.itc.rwth-aachen.de

Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/ 
https://www.facebook.com/itcenterrwth 
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

2024

2023

2022

2021

2020

2019

2018

[rwth-security] Chrome/Chromium: SameSite-by-default and SameSite=None-requires-Secure Cookies by default