Support for Partitioned cookie attribute (AKA CHIPS) / make cookies more flexibel

[mkurz]

Discussed in https://github.com/orgs/playframework/discussions/12357

^{Originally posted by jdf200 February 16, 2024}
I have recently been checking our Play app's compliance with the upcoming change Google is planning to block 3rd party cookies / partition those cookies to the top level domain.

We have an application that is embedded within a site as an iframe on a different top level domain which needs to set cookies, however under Googles proposed model (CHIPS) we will need to add a 'Partitioned' attribute to the Set-Cookie header.

I've checked the Play documentation and implementation and I cannot see any simple way of adding this in the current model.

I have implemented a workaround by injecting a overridden version of the CookieHeaderEncoding class into my application, however this is not ideal.

Are there any plans to add this flag to the Cookie class / configuration in an upcoming release? Or is there a cleaner way to add additional flags to the Set-Cookie response?

[mkurz]

See my comments in the original discussion:

• https://github.com/orgs/playframework/discussions/12357#discussioncomment-8545233