Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Support the SameSite field in Cookies #255
See https://tools.ietf.org/html/draft-west-first-party-cookies-07 and https://www.chromestatus.com/feature/4672634709082112 for more information.
This is shipping in Chrome since version 51, Opera since 39, positive support in Firefox.
Hit comment too soon:
So yes I am interested in having it in WebOb, but in a capacity whereby it is optional, and marked as a draft spec. I tend to avoid adding draft's to libraries that are widely used because they can change too often and could potentially break things in the future.
If we do add it, it should be commented as such, and should link back to the draft version that is implemented. We should also add a way to verify the values passed so that cookies sent are valid, and you can't set SameSite to an invalid value.
If added to
This now has tests and was added to
I still need to surface the documentation you wanted, but I'm not sure where you want the comment that this is a draft and the link to be put. Looking at the documentation, I'd guess you want it as part of the docstrings in the relevant methods where the
I think this is a new page that should be added to the docs.
There are some other patches that have been languishing because I tend to not want to include anything that is not official or complete (especially RFC wise), because it can become a maintenance nightmare, but at the same time I would like to include them in a future release because they allow for some neat features.
For example: #180 (although it needs some more work to be functional within WebOb...)
I'd like it documented in the doc string too, of course, but a seperate page named "Experimental" or something along those lines that I can point people to would be fantastic.