Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

RFC 6265bis: Add Lax-allowing-unsafe SameSite enforcement mode #1435

Merged
merged 10 commits into from
May 20, 2021
Merged

RFC 6265bis: Add Lax-allowing-unsafe SameSite enforcement mode #1435

merged 10 commits into from
May 20, 2021

Conversation

chlily1
Copy link
Contributor

@chlily1 chlily1 commented Mar 16, 2021
edited

Addresses #1422

@chlily1 chlily1 requested a review from englehardt March 16, 2021 22:53
@chlily1
Copy link
Contributor Author

chlily1 commented Mar 16, 2021

@englehardt PTAL.

Ended up adapting the text from Cookie Incrementalism into two sections, one with a focus on the behavior (with a monkey patch to the algorithm) and the other more focusing on the justification for it.

englehardt
englehardt approved these changes Mar 30, 2021
View reviewed changes
Copy link
Contributor

@englehardt englehardt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Overall this LGTM. Having this as a monkey patch seems like the best solution. I've added two suggestions for alternate wording.

draft-ietf-httpbis-rfc6265bis.md Outdated Show resolved Hide resolved
draft-ietf-httpbis-rfc6265bis.md Outdated Show resolved Hide resolved
@chlily1
Copy link
Contributor Author

chlily1 commented Apr 19, 2021

Thanks for the review!
This is dependent on 6265-non-http-apis so I'll merge it after that one lands.

@englehardt englehardt closed this May 20, 2021
@englehardt englehardt deleted the branch httpwg:main May 20, 2021 17:52
@englehardt englehardt reopened this May 20, 2021
@chlily1 chlily1 changed the base branch from 6265-non-http-apis to main May 20, 2021 19:01
@chlily1 chlily1 merged commit bb588d1 into httpwg:main May 20, 2021
@chlily1 chlily1 deleted the 6265bis-lax-allowing-unsafe branch May 20, 2021 22:23
@chlily1 chlily1 mentioned this pull request May 24, 2021
Closed
@kiding kiding mentioned this pull request Oct 10, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@englehardt englehardt englehardt approved these changes

Assignees
No one assigned
Labels
6265bis
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@chlily1 @englehardt