I just read the FAQ for Firefox "Total Cookie Protection"...

I just read the FAQ for Firefox "Total Cookie Protection" and I am sadly no closer to understanding what impact Total Cookie Protection has on how I should build web applications - I'm particularly interested in understanding how it impacts things like OAuth SSO https://support.mozilla.org/en-US/kb/total-cookie-protection-and-website-breakage-faq

Like 29 August at 21:15 | Open on fedi.simonwillison.net

4 comments

Russ Garrett

@simon OAuth doesn't use third-party cookies so I believe it's all good. The problem is with SSO systems which use third-party cookies to transparently log you in across several domains.

29 August at 21:34 | Open on chaos.social

Simon Willison

@russss aaah gotcha - that’s the thing that caused the Chrome team to implement their weird 2-minute twist https://simonwillison.net/2021/Aug/3/samesite/#chrome-2-minute-twist

29 August at 21:44 | Open on fedi.simonwillison.net

kellan

@simon total cookie protection makes me think about the wax paper between layers of Xmas cookie in the cookie tin

29 August at 21:43 | Open on fiasco.social

baconandcoconut

@simon

30 August at 23:02 | Open on freeradical.zone

Go Up