The Partitioned flag is used for cookies that are set on web sites embedded via iframes. The cookie is then available only in combination of the host site and the embedded site.
Golang's http.Cookie type does not yet support the Partitioned flag, but Google Chrome is already testing mandatory support and rejecting/omitting cookies without it for 1% of users via A/B roll-out.
The implementation wraps the http.Cookie and extends it with the Partitioned field. This field is then used to forward the raw cookie string when creating the derived VCAP_ID cookies for sticky sessions.
Once the Golang standard library supports the Partitioned flag, this wrapper can just be removed.
A test that checks the Unparsed section of the http.Cookie will ensure that the tests will fail once the Partitioned flag is supported by the Golang standard library.
An explanation of the use cases your change solves
Users of Safari and Google Chrome (currently 1% via A/B test, soon 100% of users) and websites that use iframes.
Instructions to functionally test the behavior change using operator interfaces (BOSH manifest, logs, curl, and metrics)
Expected result after the change
Current result before the change
Links to any other associated PRs
[x] I have viewed signed and have submitted the Contributor License Agreement
[x] I have made this pull request to the main branch
The
Partitionedflag is used for cookies that are set on web sites embedded via iframes. The cookie is then available only in combination of the host site and the embedded site.Golang's
http.Cookietype does not yet support thePartitionedflag, but Google Chrome is already testing mandatory support and rejecting/omitting cookies without it for 1% of users via A/B roll-out.The implementation wraps the
http.Cookieand extends it with thePartitionedfield. This field is then used to forward the raw cookie string when creating the derived VCAP_ID cookies for sticky sessions.Once the Golang standard library supports the
Partitionedflag, this wrapper can just be removed.A test that checks the
Unparsedsection of thehttp.Cookiewill ensure that the tests will fail once thePartitionedflag is supported by the Golang standard library.Users of Safari and Google Chrome (currently 1% via A/B test, soon 100% of users) and websites that use iframes.
Instructions to functionally test the behavior change using operator interfaces (BOSH manifest, logs, curl, and metrics)
Expected result after the change
Current result before the change
Links to any other associated PRs
[x] I have viewed signed and have submitted the Contributor License Agreement
[x] I have made this pull request to the
mainbranch[x] I have run all the unit tests.
[ ] (Optional) I have run Routing Acceptance Tests and Routing Smoke Tests
[ ] (Optional) I have run CF Acceptance Tests