On Monday September 25th from 10PM EDT - 12AM EDT (2AM UTC - 4AM UTC on September 26th), we will be performing system maintenance on the Firefox Accounts databases for two hours. During the maintenance window, there will be brief periods of a few minutes where users will not be able to login to their accounts. Please try again at a later time.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

When will network.cookie.sameSite.schemeful be set to true by default?

  • 1 reply
  • 1 has this problem
  • 33 views
  • Last reply by cor-el

more options

Hi there,

I've been trying without much luck to find out when or in what Firefox version, the config setting network.cookie.sameSite.schemeful will be set to 'true' by default?

Can anyone point me in the direction of where this information is or let me know the answer if they already know it?

And I'll apologise in advance if this is in an obvious spot that I've just stupidly missed.

Thanks! Simon

Hi there, I've been trying without much luck to find out when or in what Firefox version, the config setting network.cookie.sameSite.schemeful will be set to 'true' by default? Can anyone point me in the direction of where this information is or let me know the answer if they already know it? And I'll apologise in advance if this is in an obvious spot that I've just stupidly missed. Thanks! Simon

All Replies (1)

more options

Hi

The cookie sameSite schemeful feature got added as an experimental feature and is as such only enabled in Nightly.

  • 1651120 - Add cookie sameSite schemeful as an experimental feature

I don't think that it's known when this feature will be enabled in release (TBD), so this likely will not happen shortly.

  • 1651119 - [meta] Enable cookie sameSite schemeful

(please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html
)


Cookie SameSite Schemeful

Treat cookies from the same domain, but with different schemes (e.g. http://example.com and https://example.com) as cross-site instead of same-site. Improves security, but potentially introduces breakage.