Identifier use in Browsers

From MgmtWiki
Revision as of 09:17, 10 February 2021 by Tom (talk | contribs) (Created page with "==Full Title or Meme== The ways that browsers interact with the user's Identifiers is tracked here. ==Context== ==Solutions== *Same-site policy has been added and slowly...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Full Title or Meme

The ways that browsers interact with the user's Identifiers is tracked here.

Context

Solutions

  • Same-site policy has been added and slowly enhanced to block cross-site scripting attacks (CSRF or XSRF) by asserting that a particular cookie should only be sent with requests initiated from the same registrable domain. This site describes the varying impact that this policy has on users on the various browsers. The challenge for [Single Sign On]] efforts with a Identifier or Attribute Provider at a different site than the Relying Party is that they rely on cross-site cookies to pass user credentials from one site to another. The problem introduced with iOS 12 from Apple is described on this site.

References