Am I correct in assuming that this "SameSite will now also mean Same Protocol" doesn't change anything about the existing 3rd Party Cookie blocking setting?
More #samesite 
cookie news:
Intent to **prototype**
tl;dr you can't share across HTTP / HTTPS
3P need to be Secure anyway 
unaffected
Consider HTTPS by default (again)
HTTPHTTPS may mean transferring
Happy to discuss!https://twitter.com/intenttoship/status/1221856997995417600 …
-
-
-
So - though I can double check this - we are defining a third-party cookie as requiring `SameSite=None; Secure` ergo you cannot have HTTP 3P cookies anyway. Hence, no change from this.
- Još 3 druga odgovora
Novi razgovor -
-
-
I read "shameful same-site" and I kinda like it
-
- Još 3 druga odgovora
Novi razgovor -
-
-
Also, any chance you could add an easy way to confirm the SameSiteDefaultChecksMethodRigorously (to verify testing of the unset -> Lax + POST within 2 minutes exception)?
- Još 3 druga odgovora
Novi razgovor -
-
-
I don't think I understand #4.
-
Hard to fit in a tweet, I should expand more elsewhere. However, if you have an HTTP session upgrading to HTTPS and need to maintain cookies (shopping cart? prefs? referral code?) then you need to transition that state some other way. Maybe POST in login or server side.
Kraj razgovora
Novi razgovor -
-
-
The way I think of it is: the site is the same. The protocol for accessing it is different.
-
I think I'd say, consider the definition of a site, eTLD+1 to include the protocol.
Kraj razgovora
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.