Comment by thih9
Does anyone have more context? Is this part of the general effort to not use third party cookies[1] or is this something more ios specific?
[1]: https://developer.mozilla.org/en-US/blog/goodbye-third-party...
Does anyone have more context? Is this part of the general effort to not use third party cookies[1] or is this something more ios specific?
[1]: https://developer.mozilla.org/en-US/blog/goodbye-third-party...
It's part of the no more third party cookies thing and not iOS specific.
Scenario where this matters: If you do Login based on sessions + cookies (eg. Django's default authentication method) you won't be able to have the backend and frontend on different domains or the same domain, but different ports.
Specifically in a local dev scenario, you might have your backend on localhost:8000 and frontend on localhost:4200, you could auth your frontend and backend by allowing the browser to send the cookie between them via the cookie setting `SameSite = None` (Ignoring a couple of browser security details around CSRF, HTTPOnly Cookies and HTTPs requirements).
This is will soon not be possible anymore and in the local dev scenario you need to access both frontend and backend from the same port, by combining them with a HTTP reverse proxy or hosting the frontend files via the backend. This extends to real deployments and affects session + cookie based authentication in a couple of ways, depending on infrastructure.