[Feature Request] Support of phasing out third-party cookies

Question

[Feature Request] Support of phasing out third-party cookies

nicob-29 opened this issue 7 months ago · comments

Hi
Google plan soon to activate phasing out third-party cookies
See Third-Party Cookies doc: https://privacysandbox.com/open-web/#the-privacy-sandbox-timeline

Doc about phasing out third-party cookies: https://developer.chrome.com/en/docs/privacy-sandbox/third-party-cookie-phase-out/#partitioned-cookies

This feature request requires the possibility to add "Partitioned" to the cookie like Secure.

nicob-29 commented 6 months ago

Sure !

Sergio Rozenszajn · Answer 1 · Thu Oct 19 2023 15:19:32 GMT+0800 (China Standard Time)

Hi,
We have the same urgent requirement, do you have any plans/timelines to support Partitioned cookie property?
We tried to workaround but it looks like not there is none.

Douglas Wilson · Answer 2 · Thu Oct 19 2023 15:22:07 GMT+0800 (China Standard Time)

The implementation is being discussed currently but should be integrated soon.

sblecon · Answer 3 · Thu Oct 26 2023 00:46:53 GMT+0800 (China Standard Time)

Hi @dougwilson ,
Any idea when the fix will be available?
Best regards,
Stéphane

stefanbeigel · Answer 4 · Fri Nov 10 2023 21:46:12 GMT+0800 (China Standard Time)

Hi,
we also need such support to test partitioned cookies for our sessions.

nicob-29 · Answer 5 · Mon Nov 20 2023 18:23:14 GMT+0800 (China Standard Time)

Hi
Any update ?

stefanbeigel · Answer 6 · Wed Nov 22 2023 00:08:56 GMT+0800 (China Standard Time)

@nicob-29
I think it needs to be added to cookie library first, which was done but not released yet
jshttp/cookie#153
Because it's used here:
https://github.com/expressjs/session/blob/master/session/cookie.js#L14

nicob-29 · Answer 7 · Wed Nov 22 2023 00:18:39 GMT+0800 (China Standard Time)

@sergioRozenszajn
jshttp/cookie about partitioned was released (See version 0.6.0)
https://github.com/jshttp/cookie/releases is not good but

Douglas Wilson · Answer 8 · Wed Nov 22 2023 00:24:39 GMT+0800 (China Standard Time)

Thank you, I missed added it to the github releases. There is a long holiday where I am currently, sorry for the delayed reply. I will get out a new release of this with partitioned support asap for you all.

nicob-29 · Answer 9 · Wed Nov 22 2023 16:55:51 GMT+0800 (China Standard Time)

@sergioRozenszajn
The version of cookie was released yesterday ;-)
Thank you @dougwilson

Sergio Rozenszajn · Answer 10 · Wed Nov 22 2023 17:03:47 GMT+0800 (China Standard Time)

Hi @dougwilson , @nicob-29

In the meantime I forked into https://github.com/sergioRozenszajn/approuter-session.git, using cookie 0.6.0 and adding partitioned to data:
, sameSite: this.sameSite
, partitioned: this.partitioned
Using this fork the JSESSIONID cookie is now partitioned:

nicob-29 · Answer 11 · Mon Nov 27 2023 18:21:29 GMT+0800 (China Standard Time)

@dougwilson
Any news ?

Douglas Wilson · Answer 12 · Mon Nov 27 2023 20:50:44 GMT+0800 (China Standard Time)

Hi @nicob-29 I just got home yesterday and working through the backlog. Please if you can give me a little breather from the holiday to get it done, that would be great.

Clara Attermo · Answer 13 · Mon Dec 11 2023 18:22:54 GMT+0800 (China Standard Time)

Please start work on this 🙏
Since Chrome will start blocking from beginning of next year it's starting to become very urgent.

nicob-29 · Answer 14 · Fri Jan 05 2024 17:14:12 GMT+0800 (China Standard Time)

Happy New Year
Friendly reminder.

rgsthethird · Answer 15 · Wed Jan 24 2024 08:06:04 GMT+0800 (China Standard Time)

Another request for this to be added soon. Thanks!