We help IT Professionals succeed at work.

how change in samesite policy will affect user browsing,

Hi

Can anyone please explain what would be the effect of samsite coockies policy on browsing

My understanding is that Cumulative Update for Windows Server 2016 for x64-based Systems (KB4534271) update will enable samesite cookies policy on google chrome which means that 'SameSite=None' will change to 'SameSite=Lax.'
I know it could be very stupid question what how it will affect the user browsing  i.e accessing the websites . Would we have to add some website in trusted list for normal users.
Comment
Watch Question

Simple Geek from the '70s
Distinguished Expert 2019
Commented:

Addresses an issue to support new SameSite cookie policies by default for release 80 of Google Chrome



“SameSite” is a reasonably robust defense against some classes of cross-site request forgery (CSRF) attacks, but developers currently need to opt-into its protections by specifying a SameSite attribute. In other words, developers are vulnerable to CSRF attacks by default. This change would allow developers to be protected by default, while allowing sites that require state in cross-site requests to opt-in to the status quo’s less-secure model. In addition, forcing sites to opt-in to SameSite=None gives the user agent the ability to provide users more transparency and control over tracking. https://www.chromestatus.com/feature/5088147346030592


The user shouldn't notice anything. 

Author

Commented:
Thank you for clearing this up for me