Y
Hacker News
new
|
ask
|
show
|
jobs
by
jefftk
1774 days ago
How would this help with CSRF? The new feature only applies when someone intentionally clears their cookies.
1 comments
Terretta
1774 days ago
Not how I read it. To me it says Facebook.com cookies set through site A are separate from those stored through site B. Even if you never clear, fb cookies would no longer be a single cookie to link these, but separate.
The jar is the key new thing, not the emptying.
link
jefftk
1774 days ago
The approach to the cookie jar isn't new in Firefox 91; that's Total Cookie Protection, added in Firefox 86:
https://blog.mozilla.org/security/2021/02/23/total-cookie-pr...
link
Terretta
1773 days ago
Delete the word “new”, emphasis on “key”.
link
The jar is the key new thing, not the emptying.