Uploaded image for project: 'MusicBrainz Server'
  1. MusicBrainz Server
  2. MBS-10717

Cookie attributes must be adjusted to work with new behavior in browsers

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Normal Normal
    • 2020-04-27
    • None
    • Editing interface
    • None

      Chrome's behavior for how cookies are sent is changing. It's to be expected that other browser vendors will follow suit sooner or later:

      Sites that depend on cookies being sent cross-origin must add the attributes SameSite=None; Secure

      Otherwise cookies without the SameSite attribute will be treated as if SameSite=Lax was set, meaning they will be restricted to first-party context.

      Importing new releases from third-party sites utilizing release editor seeding is one of the most popular methods that will stop working properly.

      There are already reports of disruptions in the workflow of multiple editors:
      https://chatlogs.metabrainz.org/brainzbot/metabrainz/msg/4552690/

            bitmap Michael Wiencek
            chaban chaban
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved:

                Version Package
                2020-04-27