Add support for partitioned cookies #2196
Conversation
rawleyfowler
changed the title
kraih
requested review from
a team,
marcusramberg,
kraih,
christopherraa and
Grinnz
|
We could also mark this as experimental, though it is implemented in most browsers. |
|
This pull request is now in conflicts. Could you fix it @rawleyfowler? 🙏 |
|
This pull request is now in conflicts. Could you fix it @rawleyfowler? 🙏 |
rawleyfowler
changed the title
|
Plack recently merged this into |
|
Yes, since this is only a draft spec we have to mark it experimental. |
There was a problem hiding this comment.
Pull Request Overview
This PR introduces support for partitioned cookies in Mojolicious to address upcoming browser changes regarding third‐party cookies.
- Added a new partitioned flag in cookie tests, sessions, and cookie parsing.
- Extended the Mojolicious::Sessions and Mojo::Cookie::Response modules to handle the Partitioned attribute.
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| t/mojo/cookie.t | Tests updated to validate the new Partitioned cookie behavior |
| lib/Mojolicious/Sessions.pm | Sessions module updated to include partitioned cookie support |
| lib/Mojo/Cookie/Response.pm | Cookie parsing/stringification enhanced for Partitioned flag |
| = Mojo::Cookie::Response->parse( | ||
| 'foo="bar"; Domain=example.com; Partitioned; Path=/test; Max-Age=60; Expires=Thu, 07 Aug 2008 07:07:59 GMT; Secure;' | ||
| ); | ||
| is $cookies->[0]->partitioned, 1, 'right paritionted value'; |
There was a problem hiding this comment.
The test message contains a typo: 'paritionted' should be corrected to 'partitioned'.
| is $cookies->[0]->partitioned, 1, 'right paritionted value'; | |
| is $cookies->[0]->partitioned, 1, 'right partitioned value'; |
Copilot uses AI. Check for mistakes.
| my $bool = $sessions->partitioned; | ||
| $sessions = $sessions->partitioned($bool); | ||
|
|
||
| Partitioned flag, this is to be used in accordance to the CHIPS ammendment to RFC 6265. |
There was a problem hiding this comment.
The word 'ammendment' is misspelled; it should be 'amendment'.
| Partitioned flag, this is to be used in accordance to the CHIPS ammendment to RFC 6265. | |
| Partitioned flag, this is to be used in accordance to the CHIPS amendment to RFC 6265. |
Copilot uses AI. Check for mistakes.
| =head2 partitioned | ||
|
|
||
| my $partitioned = $cookie->partitioned; | ||
| $cookie = $cookie->parititoned(1); |
There was a problem hiding this comment.
The method call 'parititoned(1)' appears to be a typo; it should be 'partitioned(1)' to correctly set the flag.
| $cookie = $cookie->parititoned(1); | |
| $cookie = $cookie->partitioned(1); |
Copilot uses AI. Check for mistakes.
Summary
Firefox is soon going to ignore third-party aka "foreign" aka
SameSite: NoneMotivation
These changes allow Mojolicious to handle the new "Partitioned" attribute, as well as adding the ability to set
PartitionedonMojolicious::Sessionscookies.References
https://www.ietf.org/archive/id/draft-cutler-httpbis-partitioned-cookies-00.html
https://github.com/privacycg/CHIPS
fixes #2179