Open DCtheTall opened 1 year ago
A bit of a nitpick, but what "standard" are we supposed to have a position on? There's a link to an explainer, but this looks very "pre-standard" and I'm not sure our standards position process is intended for discussions that are in that stage.
I'm not sure our standards position process is intended for discussions that are in that stage.
I've filed https://github.com/mozilla/standards-positions/issues/808
Hey Dan, that's a fair point. We're aiming to pick this up as a WG Note for WebAppSec and would appreciate your early input to the explainer, but I understand if this issue is not actionable for deriving a position on at the moment. We'll get back to you when there's been some progress.
Request for Mozilla Position on an Emerging Web Specification
Other information
This document proposes to standardize the security semantics of cross-site cookies when third-party cookie blocking is enabled. The main points we would like to make standard behavior are:
Since this behavior causes third-party cookie blocking to be stricter in Gecko than the current state (particularly for ABA embeds) we can work with you to minimize the compat impact.