Hello,
I was reading Troy's article about the influence of stricter cookie policies that are coming with Chrome version 80, and few pieces sound like it may bring problems
While we have HTTPS over TLS enabled as well as enforcing if further by HSTS, I wonder what issues could this bring in terms of Wordpress/Xenforo implementations ?
Thoughts ?
https://www.troyhunt.com/promiscuous-cookies-and-their-impending-death-via-the-samesite-policy/
I was reading Troy's article about the influence of stricter cookie policies that are coming with Chrome version 80, and few pieces sound like it may bring problems
Come version 80, any cookie without a SameSite attribute will be treated as "Lax" by Chrome. This is really important to understand because put simply, it'll very likely break a bunch of stuff. In order to demonstrate that, I've set up a little demo site to show how "Lax" and "Strict" SameSite cookies behave alongside the traditional ones with no policy at all
While we have HTTPS over TLS enabled as well as enforcing if further by HSTS, I wonder what issues could this bring in terms of Wordpress/Xenforo implementations ?
Thoughts ?
https://www.troyhunt.com/promiscuous-cookies-and-their-impending-death-via-the-samesite-policy/