Cookie: SameSite=None experiment

Experiment: https://www.revampix.com/samesite-test.html
The results of the experiment will be published at 1st of September 2020.



With the latest browsers’ releases we started feeling and hearing more about the SameSite cookie attribute: https://web.dev/samesite-cookies-explained/

This attribute has 3 possible values: Lax, Strict and None. It seems that Lax and Strict work “flawlessly” but there are some issues with None. The reason is that None was introduced after Lax and Strict were implemented and some browsers were not prepared for this.

Here is what happens on incompatible browsers when we have SameSite=None:

  • A cookie is dropped/not created. (that’s kind of scary)
  • A cookie is created as SameSite=Strict.

More details about incompatible browsers: https://www.chromium.org/updates/same-site/incompatible-clients

Stay tuned!

Leave a Reply

Your email address will not be published. Required fields are marked *