Google Chrome 80 is now available for download on all supported platforms, including Windows, Linux, and Mac, and while the release notes include several notable improvements, one of the most important changes concerns cookies.
Beginning with this release, Google begins the rollout of a new cookie classification system, which the company claims is “secure by default.”
“Chrome will begin enforcing a new secure-by-default cookie classification system, treating cookies that have no declared SameSite value as SameSite=Lax cookies. Only cookies set as SameSite=None; Secure will be available in third-party contexts, provided they are being accessed from secure connections,” Google announced earlier this month.
Gradual rollout beginning February 17
The changes were originally announced in May 2019 when Google also provided additional information for developers in order to prepare for the update.
And while the new behavior will be included in Chrome 80, the actual rollout of the new cookie classification system is projected to kick off later this month with only a small number of users. The rollout will then continue throughout the next few weeks with even more users as Google collects feedbacks and determines the overall reliability.
“The new SameSite behavior will not be enforced on Android WebView until later, though app developers are advised to declare the appropriate SameSite cookie settings for Android WebViews based on versions of Chrome that are compatible with the None value, both for cookies accessed via HTTP(S) headers and via Android WebView’s CookieManager API. This does not apply to Chrome browser on Android, which will begin to enforce the new SameSite rules at the same time as the desktop versions of Chrome. The new SameSite behavior will not affect Chrome on iOS,” Google said in the launch timeline.
If you want to test your browser with the new cookie system, you can visit a dedicated page created for this purpose right here.