Does anyone have a definitive answer as to whether iOS 11/12 and macOS 10.13/10.14 will recieve a fix for the cookie Samesite handling issue?
You generally won’t get an answer to questions like this on DevForums. Those folks who don’t know, including myself, can only speculate. And any Apple folks who do know won’t make announcements like that here.
My experience is that Apple only ships software updates for old iOS versions to deal with critical security problems. Given that, I’d be very surprised if there was fix for this for pre-iOS 13 releases.
Software updates for old Mac releases have a little more latitude. If you’d like to see this bug fix (r. 42290578) on older macOS releases, you should file your own bug report requesting that.
Please post your bug number, just for the record.
Share and Enjoy
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"
Reported as FB7586636.
We now have data that shows 12.7% (>5,000) of devices (the vast majority being Apple devices) accessing our web services are likely to be affected by the samesite=none cookie handling issue.
We are anxious to preserve a good user experience for these devices and to prevent web services suppliers having to reduce standard security settings for these users by unreliable means including User Agent sniffing etc.
I believe it can be argued that the inability to properly handle samesite=none (& its other variations) will have a material effect on the future online security of users of older macOS & iOS versions.