wilander

Safari now supports CHIPS – opt-in partitioned cookies!

Cross-site resources that aren't from known tracker domains can set cookies with response headers like this:

Set-Cookie: TestCookie=12345; SameSite=None; Secure; Partitioned

See under "Networking" in this post:
https://webkit.org/blog/16574/webkit-features-in-safari-18-4/#networking

WebKit Features in Safari 18.4

Safari 18.4 is here!

WebKit
Mar 31, 2025 at 7:24pmWeb
Show threadFrederik Braun �Mar 31, 2025
@wilander yum! 😋
Show threadJesperMar 31, 2025

@wilander This is great! And it comes just in time as I happen to need it for a project I'm currently working on.

I do wonder though, why is this needed in the first place? Why not just partition cookies by default like we do with all other storage APIs? I can't think of any scenario where it would break existing sites.

Show threadwilanderMar 31, 2025
@Jespertheend We shipped that in 2017 and decided to unship in 2018 because it broke some websites, massively increased the number of cookies, and site owners said they needed access to their unpartitioned cookies for which we provided the Storage Access API. A lot has happened since then, with for instance Firefox also blocking cross-site cookies by default. It may be more web compatible today.
Show threadJesperApr 1, 2025
@wilander Ahh I hadn't considered the storage usage. That makes sense. Thanks for the clarification!
Show threadChris SchildhornApr 1, 2025
@wilander nice one. I love that Connection Security Details are also available now on iOS/iPadOS.
Show threadDaniel DickisonApr 1, 2025
@wilander how does this differ from ITP? I thought Safari was already partitioning third party cookies by default.