In this slightly shorter post, we’ll be discussing a recent update to Google’s SameSite cookie changes. In previous posts it was explained that Google was making a change to its Chrome browser which enforces the SameSite cookie attribute. These posts can be found here:

Part 1: https://www.bramfitt-tech-labs.com/article/part-1-samesite-cookie-attribute-enforcement/

Part 2: https://www.bramfitt-tech-labs.com/article/part-2-samesite-attribute/

Part 3: https://www.bramfitt-tech-labs.com/article/part-3-samesite-attribute/

The purpose of this change was to improve the privacy and security across the web. Since Google released Chrome 80 in February 2020, they have been gradually rolling this change out, monitoring and reaching out to websites and services to ensure cookies have been correctly labelled.

However, since the recent developments of COVID-19, there has been an announcement that Google will be rolling back this enforcement starting April 3rd.

Although the web was preparing for this change (only affecting Chrome users at this time), Google wanted to ensure that there wouldn’t be any issues as a result of the SameSite cookie changes getting access to websites that provide essential services (banking, food, government and healthcare) needed for daily life.

Google is currently looking to resume the changes in Summer 2020.

Reference: https://blog.chromium.org/220/04/temporarily-rolling-back-samesite.html