Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:127913
X-Original-To: internals@lists.php.net
Delivered-To: internals@lists.php.net
Received: from php-smtp4.php.net (php-smtp4.php.net [45.112.84.5])
	by lists.php.net (Postfix) with ESMTPS id 88E171A00BC
	for <internals@lists.php.net>; Sun,  6 Jul 2025 11:01:43 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=php.net; s=mail;
	t=1751799592; bh=j+UkpI22Q/7abYDyH8vse1WKa/E3rwOktjD69gVCA5E=;
	h=Date:From:To:Subject:In-Reply-To:References:From;
	b=fMnKFzeWZ07uYdEBbQhusePpXd/v8x3zAkdfo+iOFGU+UAXjBUFnbU7cqzfq+bWQl
	 zfndVGoUPQpCIypjtaLwBaHbDQHw/D5mT1/8n8JxYNerT1KtNX6Lh7vQX9sLLH2scQ
	 2FrtPa9osFAIpYqzwq18gLCFt8V8/VRPlJXNcyJk7Pm/+r8itHbsVeURI3CE2qG5ae
	 ro6ls+ikq1gF7lqeexkgLHy+ItZ3ZZJYZxhQxXXbRxyTUWv6l6Qp+LyHTkCqDBRqke
	 GDrUE1By3plwxobJBL+1aQG9LbcBptrMIstOjVlUpsR8m77/6Xq1xA1bkxf0Q7gstL
	 0xlHkdhk/qr6A==
Received: from php-smtp4.php.net (localhost [127.0.0.1])
	by php-smtp4.php.net (Postfix) with ESMTP id 3E38D18004E
	for <internals@lists.php.net>; Sun,  6 Jul 2025 10:59:51 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-25) on php-smtp4.php.net
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_20,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,DMARC_MISSING,RCVD_IN_DNSWL_LOW,
	RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS autolearn=no
	autolearn_force=no version=4.0.1
X-Spam-Virus: Error (Cannot connect to unix socket
	'/var/run/clamav/clamd.ctl': connect: Connection refused)
X-Envelope-From: <imsop.php@rwec.co.uk>
Received: from fhigh-b3-smtp.messagingengine.com (fhigh-b3-smtp.messagingengine.com [202.12.124.154])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by php-smtp4.php.net (Postfix) with ESMTPS
	for <internals@lists.php.net>; Sun,  6 Jul 2025 10:59:50 +0000 (UTC)
Received: from phl-compute-09.internal (phl-compute-09.phl.internal [10.202.2.49])
	by mailfhigh.stl.internal (Postfix) with ESMTP id DA0717A0229
	for <internals@lists.php.net>; Sun,  6 Jul 2025 07:01:41 -0400 (EDT)
Received: from phl-mailfrontend-02 ([10.202.2.163])
  by phl-compute-09.internal (MEProxy); Sun, 06 Jul 2025 07:01:41 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rwec.co.uk; h=cc
	:content-transfer-encoding:content-type:content-type:date:date
	:from:from:in-reply-to:in-reply-to:message-id:mime-version
	:references:reply-to:subject:subject:to:to; s=fm2; t=1751799701;
	 x=1751886101; bh=j+UkpI22Q/7abYDyH8vse1WKa/E3rwOktjD69gVCA5E=; b=
	Qz2IyhU7m1SPn4uE9rs/o0aelvB9DBzOJnSQ89d6zyX0MGwPCZK/5+jcJWDrPBRr
	rvURNT2NPu7bDNKzjhTaUrcKMtnEvTLjJJ2gEBZsKN4k8K/mxVU0w+K3NZKNSWVj
	QOzjxK6zR2AqsfA/vkL7IF4ArkasQdShfPpGAdn91q9GVzcIvRf6DQGGip568aD4
	4hKTMpnThErAIU2R9noE5yDdSpxUKV2TdIlyOlldtuKN4ra907wFgO/onLULYEBI
	SvAVCwtr3+Fbco6ui+Co/9ZUZ/sHX8AiCryfhvTbqr6fJjyXUxfmaFO+GCYocli6
	h0fo0wk8Kr6bhRzLCOR0HQ==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:content-transfer-encoding:content-type
	:content-type:date:date:feedback-id:feedback-id:from:from
	:in-reply-to:in-reply-to:message-id:mime-version:references
	:reply-to:subject:subject:to:to:x-me-proxy:x-me-sender
	:x-me-sender:x-sasl-enc; s=fm2; t=1751799701; x=1751886101; bh=j
	+UkpI22Q/7abYDyH8vse1WKa/E3rwOktjD69gVCA5E=; b=f0VjVYXALja6/YnAA
	pXPBscOBs685xCiP07/nlr6i1Z3V0Jv8y2gMzcEtPKZVDl4O0QsGRY7raUJiR6oQ
	l3iKBqwzNHGO5HStORwUBsT5jWYUBIkIHPmb1Ug/yPuzYtHYIO271iBovj/wVMpv
	76sys80dit5GNtkgebcKnE4xCHXA3ftTNMDL6Exa2JsyeQJxAudqvlahgcLUWflD
	s6KjRYgLqSGNhWsbFqSqj037sIuuNiQV8DSpBUiupatZtTeMIVM4pYpmPRa6h3fn
	fx45ht1fh/0vWoh+R+UqzMp79wd0Qauvg97rJX3rK2hVaCo/gv/ymsM02oYWPbzD
	wSBmg==
X-ME-Sender: <xms:lVdqaJaT3pU4vA1U0HOP2lYxGYtUxG5__slBoJghrvBhEYi8Cz-YJA>
    <xme:lVdqaAa3mzKE4iwDMR5pLxbPeDyf-rWZIE24au6_bsfFRqWMPdciQs4MZANteQ51s
    cGZl6D3QfXKID0YC1I>
X-ME-Received: <xmr:lVdqaL-ppFfZh9XgK7NE-UToxNWNONpJWN2CIx24tLCyPNCVOhc9bNUoD2DjrA2gtLn63MgqJX3MYPumzexKs2-IgMQ3SIUtFFr-gBTgaO2dlRwknwGd>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeeffedrtdefgddvkeejgecutefuodetggdotefrod
    ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpuffrtefokffrpgfnqfghnecuuegr
    ihhlohhuthemuceftddtnecunecujfgurhepfffhvffufggjfhfkgggtgfesthhqmhdttd
    erjeenucfhrhhomhepfdftohifrghnucfvohhmmhhinhhsucglkffoufhorfgnfdcuoehi
    mhhsohhprdhphhhpsehrfigvtgdrtghordhukheqnecuggftrfgrthhtvghrnhepfedthe
    eijeeuheetvdegieeufefhueefkeefgeeludfgleehhfejtdfgffdugefgnecuffhomhgr
    ihhnpehgihhthhhusgdrtghomhdpmhhoiihilhhlrgdrohhrghenucevlhhushhtvghruf
    hiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpehimhhsohhprdhphhhpsehrfigv
    tgdrtghordhukhdpnhgspghrtghpthhtohepuddpmhhouggvpehsmhhtphhouhhtpdhrtg
    hpthhtohepihhnthgvrhhnrghlsheslhhishhtshdrphhhphdrnhgvth
X-ME-Proxy: <xmx:lVdqaHpMlaRYsJY67j_TCX4RYo9_jKmub2GTrFN0cqPU6_cYLYW09Q>
    <xmx:lVdqaErwAr8s1Iz4_fh00oWH2D5M2VFd21KfjvmLmu_z0a94x2CMgw>
    <xmx:lVdqaNRnQSl4FFH4O2tnWYJqw3r0XrdS9i_kkTi8nQCJYOxqLI2xAA>
    <xmx:lVdqaMo-L1YLyrAHTpcrjflzOkH-GdJC1YYy_SH-xj0-hDbpDIeA8A>
    <xmx:lVdqaMIOGTKrNgkowroQU-ihR-VtIAOODYFf4gd3bSkKV4R_lkOUV1x4>
Feedback-ID: id5114917:Fastmail
Received: by mail.messagingengine.com (Postfix) with ESMTPA for
 <internals@lists.php.net>; Sun, 6 Jul 2025 07:01:40 -0400 (EDT)
Date: Sun, 06 Jul 2025 12:01:39 +0100
To: internals@lists.php.net
Subject: =?US-ASCII?Q?Re=3A_=5BPHP-DEV=5D_=5BDiscussion=5D_Cookies_Havi?=
 =?US-ASCII?Q?ng_Independent_Partitioned_State_=28CHIPS=29?=
User-Agent: K-9 Mail for Android
In-Reply-To: <0D711888-1BDC-42E1-8EFE-B77681AE8BF4@php.net>
References: <CANTuiHvbBHfGFzzZyqkgejPR0GGUnVxVsoqWsRg9GiT2_VWteg@mail.gmail.com> <0D711888-1BDC-42E1-8EFE-B77681AE8BF4@php.net>
Message-ID: <749ABEBF-3F33-45A3-A518-AFA455FA80CC@rwec.co.uk>
Precedence: bulk
list-help: <mailto:internals+help@lists.php.net
list-unsubscribe: <mailto:internals+unsubscribe@lists.php.net>
list-post: <mailto:internals@lists.php.net>
List-Id: internals.lists.php.net
x-ms-reactions: disallow
MIME-Version: 1.0
Content-Type: text/plain;
 charset=utf-8
Content-Transfer-Encoding: quoted-printable
From: imsop.php@rwec.co.uk ("Rowan Tommins [IMSoP]")

On 5 July 2025 23:26:18 BST, Ben Ramsey <ramsey@php=2Enet> wrote:
>The Partitioned parameter isn=E2=80=99t supported in Firefox or Safari=2E=
 From what I can tell, it=E2=80=99s only supported in Chromium-based browse=
rs=2E Safari 18=2E4 supported it, but they removed the support in 18=2E5=2E=
 I=E2=80=99d like to understand why, but I haven=E2=80=99t been able to fin=
d anything on it=2E


Looking at the history of the MDN compatibility table, I found this WebKit=
 PR: <https://github=2Ecom/WebKit/WebKit/pull/45504>

> Before 288413@main, Apple platforms blocked all
> third-party cookies by default=2E In that commit, we
> enabled CHIPS (opt-in partitioned cookies), and that
> required allowing partitioned third-party cookies while
> rejecting unpartitioned cookies=2E The mechanism for
> rejecting unpartitioned third-party cookies is
> incomplete, so this change disables CHIPS and returns
> to the previous shipping behavior=2E
>
> We may land a different fix later or fix this in an
> underlying framework=2E


So it sounds like they approve of the feature in principle, but need more =
work to implement it correctly=2E


Meanwhile Firefox seems to have had a similar experience: CHIPS support is=
 listed in the release notes for v131 <https://www=2Emozilla=2Eorg/en-US/fi=
refox/131=2E0/releasenotes/> but then listed as "re-enabled" in v141 (curre=
ntly beta) <https://www=2Emozilla=2Eorg/en-US/firefox/141=2E0beta/releaseno=
tes/>=2E I haven't found any details of what happened in between=2E=20


Reading around various bug trackers, it seems there's been a lot of work o=
n limiting the memory and performance impact of partitioned cookies, so tha=
t may also have something to do with the slow rollout=2E

However, to bring it back to PHP: I haven't seen any debate over the actua=
l attributes used, so updating the validation in setcookie() probably does =
make sense, with the expectation that it will become widely supported withi=
n the next year or two=2E=20



Rowan Tommins
[IMSoP]