Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support the "Partitioned" cookie attribute #10891

Closed
sbordet opened this issue Nov 14, 2023 · 2 comments · Fixed by #10903
Closed

Support the "Partitioned" cookie attribute #10891

sbordet opened this issue Nov 14, 2023 · 2 comments · Fixed by #10903
Labels
Enhancement

Comments

@sbordet
Copy link
Contributor

sbordet commented Nov 14, 2023

Jetty version(s)
10+

Enhancement Description
A proposal for a new cookie attributed called Partitioned is underway, with plans from Chrome and Firefox to support it in the near future.

See https://developer.mozilla.org/en-US/docs/Web/Privacy/Partitioned_cookies (and related links).

This is a server-side only change, as HttpClient does not have the concept of a "top-level context" (i.e. a web page) under which other requests are made, and the current behavior of the client-side HttpCookieStore is equivalent to SameSite=Strict, i.e. cookies set by a domain are only sent with requests for the same domain.
@sbordet sbordet mentioned this issue Nov 14, 2023
Closed
@joakime
Copy link
Contributor

joakime commented Nov 15, 2023
edited
Loading

Looks like the Cookie spec RFC6265 is being updated to handle some of the new things that this Partitioned spec is introducing. (eg: the __Secure and __Host prefixes, among other things)

https://datatracker.ietf.org/doc/draft-ietf-httpbis-rfc6265bis/

@olamy
Copy link
Member

olamy commented Nov 16, 2023

chrome as well https://developer.chrome.com/en/docs/privacy-sandbox/third-party-cookie-phase-out/#partitioned

sbordet added a commit that referenced this issue Nov 17, 2023
@sbordet
Fixes #10891 - Support the "Partitioned" cookie attribute.
7dd67f7 
Added support in oej.http.HttpCookie.
Bridged support for Servlet cookies via the cookie Comment attribute.

Signed-off-by: Simone Bordet <[email protected]>
@sbordet sbordet linked a pull request Nov 17, 2023 that will close this issue
Fixes #10891 - Support the "Partitioned" cookie attribute. #10903
Merged
sbordet added a commit that referenced this issue Nov 19, 2023
@sbordet
Fixes #10891 - Support the "Partitioned" cookie attribute.
f82844e 
Added support in oej.http.HttpCookie.
Bridged support for Servlet cookies via the cookie Comment attribute.

Signed-off-by: Simone Bordet <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixes #10891 - Support the "Partitioned" cookie attribute. jetty/jetty.project
3 participants
@olamy @joakime @sbordet