Safari PoC: `SetCookie` via intermediate 3rd-party iframe

How to use

Create a host entry in /etc/hosts:

127.0.0.1   ad

Start servers:

php -S localhost:2001 root.php
php -S localhost:2002 ad.php

Open localhost:2001.

Refresh the page once.

Firefox and Chrome will display a different output than Safari, because Firefox and Chrome do not allow setting a SameSite=Lax-cookie via an intermediate 3rd-party iframe.

Chrome blocks cookies from same-site when loaded via 3rd-party frame

Also true for Firefox.

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
ad.php		ad.php
chrome_first_request.png		chrome_first_request.png
chrome_second_request.png		chrome_second_request.png
readme.md		readme.md
root.php		root.php
safari_first_request.png		safari_first_request.png
safari_second_request.png		safari_second_request.png

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ad.php

ad.php

chrome_first_request.png

chrome_first_request.png

chrome_second_request.png

chrome_second_request.png

readme.md

readme.md

root.php

root.php

safari_first_request.png

safari_first_request.png

safari_second_request.png

safari_second_request.png

Repository files navigation

Safari PoC: `SetCookie` via intermediate 3rd-party iframe

How to use

Chrome blocks cookies from same-site when loaded via 3rd-party frame

Safari allows cookies from same-site when loaded via 3rd-party frame

About

Releases

Packages

Languages

jaylinski/safari-same-site-cookie

Folders and files

Latest commit

History

Repository files navigation

Safari PoC: SetCookie via intermediate 3rd-party iframe

How to use

Chrome blocks cookies from same-site when loaded via 3rd-party frame

Safari allows cookies from same-site when loaded via 3rd-party frame

About

Resources

Stars

Watchers

Forks

Languages

Safari PoC: `SetCookie` via intermediate 3rd-party iframe