Google today officially announced the stable version of Chrome 80. It is important to note that the introduction of SameSite cookies in the new version may compromise website functionality. Enabling this feature means that cookies can only be used in a third-party context if they are accessed from a secure link.
Last month, Google announced a number of strategic changes it will deploy over the next two years, with the ultimate goal of eliminating support for third-party cookies in Chrome altogether. Google says the new plan comes as people want greater privacy and control over their data. Google says it wants to develop a new system for the entire network ecosystem, including publishers.
In May 2019, Google has forced third-party cookies to use HTTPS. This warning should give site administrators time to update their site to ensure that there are no issues with the release of Chrome 80. In October 2019, Google again issued a reminder through the developer community. For those who are still unprepared, Google has released a video explaining what has changed.
To help ease sign-in issues, Chrome has introduced a new feature that allows cookies that do not have a specified SameSite setting to be used for top-level cross-site POST request types, which are typically used in the sign-in process. The “Lax and POST” feature allows cookies to perform their intended functions in just two minutes.
If the SameSite property is not specified, Chrome 80 will set the cookie to SameSite-Lax by default. Before Chrome 80, it was preset as SameSite.None. By explicitly setting up The SameSite-None; Secure, developers can still choose to join the current state of unlimited use.
Google also warned that business administrators may need to implement special policies to restore Chrome to legacy if it has not updated its internal apps to meet Chrome’s new expectations. Overall, this change should further enhance the Web security of the average user.