Dismiss this notice
WinRAR forever! Father's Day 2019 Giveaway - [Only registered and activated users can see links Click here to register]

Dismiss this notice
Avast Premier Photo Caption - [Only registered and activated users can see links Click here to register]

Dismiss this notice
FastestVPN Accounts Giveaway - [Only registered and activated users can see links Click here to register]


Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Google Chrome: better cookie protections and controls announced
#1
Information 
Quote:
[Image: chrome-samesite-lax-cookies.png]

Google plans to improve cookie controls and protections in upcoming versions of the company's Chrome web browser.

The company revealed plans to change how cookies work fundamentally in the web browser in third-party contexts.

Google Chrome will make use of the SameSite cookie attribute to enforce the new behavior by setting it to lax by default. What this means, essentially, is that the Chrome browser won't send cookies with cross-site requests anymore.

SameSite supports the three values not set, lax and strict, with not set the default on today's Internet. SameSite defines access rights to cookies and it the attribute is not set at all, cookie sending is not limited.

A value of strict on the other hand prevents cookies from being sent to all sites in all cross-browsing contexts. In other words, cookies are only sent if the the requesting site matches the site that is shown in the browser's address bar.

Lax is a compromise between better security and convenience. A Lax value would still block cookies from being sent in third-party contexts, e.g. when requested from a different site, but it would allow cookies to be sent if the user would follow a link to the site.

Quote:The "SameSite" attribute limits the scope of the cookie such that it will only be attached to requests if those requests are same-site, as defined by the algorithm in Section 5.2. For example, requests for "https://example.com/sekrit-image" will attach same-site cookies if
and only if initiated from a context whose "site for cookies" is "example.com".

If the "SameSite" attribute's value is "Strict", the cookie will only be sent along with "same-site" requests. If the value is "Lax", the cookie will be sent with same-site requests, and with "cross-site" top-level navigations, as described in Section 5.3.7.1. (via IETF)

Developers and site operators will have to define SameSite values explicitly if they require different values. If they don't, Lax is enforced.
[Only registered and activated users can see links Click here to register]
[-] The following 1 user Likes harlan4096's post:
  • silversurfer
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username:


Password:





[-]
Recent Posts
GIMP 2.10.12
GIMP 2.10.12 GIMP...damien76 — 19:00
[Giveaway] WinX HD Video Converter Delu...
WinX HD Video Conver...ismail — 18:57
AnyMP4 Screen Recorder Professional 1.2....
The best tool for...ismail — 18:53
Shotcut 19.06.15
Shotcut 19.07.15 (15...damien76 — 18:51
InPixio Photo Editor 9 [for PC]
Easily transform ...ismail — 18:47

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (36)lapedDow
avatar (42)rituabew
avatar (30)omyjul
avatar (32)boineDon
avatar (34)vkseogaF
avatar (30)usogy
avatar (33)ywixazok

[-]
Online Staff
There are no staff members currently online.

>