[Openid-specs-ab] Safari/Brave blocking 3rd party cookies issue

Brock Allen brockallen at gmail.com
Wed Mar 25 13:53:54 UTC 2020


These recent changes (and how Brave is implemented) really means that clients written in the browser as JavaScript can't use OIDC.

* iframe token renewal is broken
* check_session endpoint is broken

https://webkit.org/blog/9661/preventing-tracking-prevention-tracking/

https://webkit.org/blog/10218/full-third-party-cookie-blocking-and-more/

Thoughts?

-Brock
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20200325/833472c1/attachment.html>


More information about the Openid-specs-ab mailing list