Page MenuHomePhabricator
Create Task
Maniphest T360670

Mitigate phase-out of third-party cookies in OAuth
Open, Needs TriagePublic
Actions

Description

See T345245: Mitigate phase-out of third-party cookies in Wikimedia production for context and links to relevant documentation.

OAuth relies on third-party cookies and top-level redirects to identify the user (in some cases without user interaction). With OAuth being a very widely used protocol / workflow, it's unlikely browsers will break it anytime soon; it will probably be covered by heuristics-based exceptions.

Nevertheless we should at some point probably double-check if there is any impact and whether any improvements to the flow could/should be done.

Related Objects
Search...

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits