This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Talk:SameSite
From OWASP
Revision as of 21:47, 2 May 2018 by Jweiler (talk | contribs) (asking about expired rfc6265bis which is the only doc to define SameSite)
I know browsers have implemented the SameSite attribute, but the only IETF document that defines it is draft-ietf-httpbis-rfc6265bis-02, which is expired. RFC6265 does not include the SameSite attribute. Do browsers choose to implement draft specs on their own?