willholley commented on issue #2221: Cookie from cross-site without SameSite attribute URL: https://github.com/apache/couchdb/issues/2221#issuecomment-572925874 I think the implication is that it will break CORS support, which must specify `SameSite=None; Secure` to continue being passed by Chrome. The default behaviour shouldn't break most CouchDB use cases but we could do better by setting `SameSite=Strict`. We may also need a way to handle legacy clients, which is a bit [messy](https://web.dev/samesite-cookie-recipes/#handling-incompatible-clients). @rnewson it looks like you added the `SameSite` support to MochiWeb. Do you have more considered thoughts on this?
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
