Minor edits to the "Third-party cookies" section #39388
Open
+1
−3
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
DanKaplanSES
commented
May 4, 2025
DanKaplanSES
commented
- I think there was some issues with pluralization of the word "Cookie" at the end of this section, so I attempted to reword it.
- I ended up changing more than I originally intended
- I did not intend to change any of the original meaning. If I did, that was a mistake on my part.
- I think there was some issues with pluralization of the word "Cookie" at the end of this section, so I attempted to reword it. - I ended up changing more than I originally intended - I did not intend to change any of the original meaning. If I did, that was a mistake on my part.
github-actions
bot
added
Content:HTTP
|
Preview URLs Flaws (1)URL:
|
hamishwillee
reviewed
May 4, 2025
| Cookie in the request may also be suppressed in normal third-party cookie policies. The enforced cookie policy may therefore nullify the capability described in this chapter, effectively preventing you from making credentialed requests whatsoever. | ||
|
|
||
| Cookie policy around the [SameSite](/en-US/docs/Web/HTTP/Reference/Headers/Set-Cookie#samesitesamesite-value) attribute would apply. | ||
| Third-party cookie policies (e.g., the [SameSite](/en-US/docs/Web/HTTP/Reference/Headers/Set-Cookie#samesitesamesite-value) attribute) may suppress certain cookies from being sent to the server. The enforced cookie policy may therefore nullify the capability described in this chapter, effectively preventing you from making credentialed requests whatsoever. |
There was a problem hiding this comment.
I prefer your version, but it does kind of change the "flow". How about this (for the whole section)
Suggested change
| Third-party cookie policies (e.g., the [SameSite](/en-US/docs/Web/HTTP/Reference/Headers/Set-Cookie#samesitesamesite-value) attribute) may suppress certain cookies from being sent to the server. The enforced cookie policy may therefore nullify the capability described in this chapter, effectively preventing you from making credentialed requests whatsoever. | |
| Cookies set in CORS requests and responses are subject to normal third-party cookie policies. | |
| Third-party cookie policies may prevent third party cookies being sent in requests, effectively stopping a site from making credentialed requests even if permitted by the third party server (using `Access-Control-Allow-Credentials`). | |
| The default policy differs between browsers, but may be set using the [SameSite](/en-US/docs/Web/HTTP/Reference/Headers/Set-Cookie#samesitesamesite-value) attribute. | |
| Even if credentialed requests are allowed, a browser may be configured to reject all third-party cookies in responses. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.