search

mozilla / geckodriver

WebDriver for Firefox
https://firefox-source-docs.mozilla.org/testing/geckodriver/
Mozilla Public License 2.0
7.14k stars 1.52k forks source link

Default Samesite value should be Lax #2014

Closed titusfortner closed 2 years ago

titusfortner commented 2 years ago

According to mdn: Cookies without SameSite default to SameSite=Lax

But for cookies added by geckodriver without samesite set, they are coming back as None. This is a problem because samesite with value "None" and secure with value false is invalid. (see #1842)

Testcase

driver.manage.add_cookie name: 'name', value: 'default'
puts driver.manage.cookie_named('name')

Outputs:

{:name=>"name", :value=>"default", :path=>"/", :domain=>"localhost", :expires=>nil, :same_site=>"None", :http_only=>false, :secure=>false}
titusfortner commented 2 years ago

Ok, I guess I'm reading the specs wrong.

Whether the cookie applies to a SameSite policy. Defaults to None if omitted when adding a cookie. Can be set to either Lax or Strict.

So I'll just close both of these.