privacycg / CHIPS

A proposal for a cookie attribute to partition cross-site cookies by top-level site

Blocking vs Silent Partitioning #76

Closed Yannick-Malins closed 8 months ago

Yannick-Malins commented 8 months ago

Apologies if this question is not in the scope of this project; maybe it's managed by the browser vendors?

From the following chapter "Any cookies that are not set with the Partitioned attribute will eventually be blocked in third-party contexts."

What is the rationale for eventually blocking unpartitioned cookies, rather than the browser just "silently" partitioning them (which is what is being done for local storage, I believe)?

I agree, as argued in the prior art chapter, that the current opt-in mechanism through the Partitioned attribute is the best way to start the migration. But to end the migration, wouldn't it be easier to just silently partition on the browser side? That way any "third party" site that can work in a partitioned way will continue to work, without changes on their side.

krgovind commented 8 months ago

> But to end the migration, wouldn't it be easier to just silently partition on the browser side? That way any "third party" site that can work in a partitioned way will continue to work, without changes on their side.

Great question! We could certainly consider this over the long term, but at least in the near to medium term, unpartitioned cross-site cookies continue to be available across all major browsers in specific controlled scenarios, such as after invoking the Storage Access API. We would need to deprecate those mechanisms before we can get to that end-state. :)
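
The following simplified model is an added example, not part of the thread or the CHIPS proposal. It shows where a cross-site cookie set without `Partitioned` lands under blocking versus silent partitioning, and how a Storage Access grant changes the outcome for the same cookie. The `CookieJar` class, the policy names `'block'` and `'silent'`, and the sites are assumptions for illustration.

```javascript
// Simplified model of a browser cookie store; an assumption for illustration,
// not any browser's implementation. Sites are treated as plain strings.
class CookieJar {
  constructor(policy) {
    this.policy = policy;            // 'block' or 'silent' (hypothetical names)
    this.unpartitioned = new Map();  // key: "host|name"
    this.partitioned = new Map();    // key: "topSite|host|name"
    this.grants = new Set();         // "topSite|host" pairs with storage access
  }

  // Models a successful Storage Access API grant for host embedded on topSite.
  grantStorageAccess(topSite, host) {
    this.grants.add(`${topSite}|${host}`);
  }

  // First-party contexts and granted embeds may use the unpartitioned jar.
  hasUnpartitionedAccess(topSite, host) {
    return topSite === host || this.grants.has(`${topSite}|${host}`);
  }

  // Returns the jar the cookie landed in, or 'blocked'.
  set(topSite, host, name, value, { partitioned = false } = {}) {
    if (partitioned) {
      this.partitioned.set(`${topSite}|${host}|${name}`, value);
      return 'partitioned';
    }
    if (this.hasUnpartitionedAccess(topSite, host)) {
      this.unpartitioned.set(`${host}|${name}`, value);
      return 'unpartitioned';
    }
    if (this.policy === 'silent') {
      // The browser partitions the cookie although the site never opted in.
      this.partitioned.set(`${topSite}|${host}|${name}`, value);
      return 'partitioned';
    }
    return 'blocked';
  }

  // Values visible to host when it is loaded under topSite.
  get(topSite, host, name) {
    const out = [];
    const p = this.partitioned.get(`${topSite}|${host}|${name}`);
    if (p !== undefined) out.push(p);
    if (this.hasUnpartitionedAccess(topSite, host)) {
      const u = this.unpartitioned.get(`${host}|${name}`);
      if (u !== undefined) out.push(u);
    }
    return out;
  }
}
```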