Comment by chrismorgan

Comment by chrismorgan 10 months ago

3 replies

Actual title (emphasis mine):

> iOS 18 does not allow a client application to specify SameSite=None

That’s quite a different thing from the present submitted title, “No same site = None cookies for iOS18”, which would suggest SameSite=None was being blocked altogether.

Glancing through, it reads more like “when SameSite default was changed from None to Lax [which everyone else did four years ago, if I recall correctly], there was a bug because the default was actually assumed in one other place that we missed, so that setting SameSite to None in a particular way didn’t work, and this pull request fixes that”. Simple bug, nothing to see here. But I’m not in Apple’s ecosystem, don’t trust my two-minute glance to be accurate and please correct me when I’m wrong.

bonoboTP 10 months ago

I first thought it was broken English for "If it's not the same site, then no cookies are allowed", where I thought "same site" means the origin of the cookie and the one that reads it.

isodev 10 months ago

You're correct, the bug is nothing more than some inconsistencies following the change of SameSite default from None to Lax.