254991 – Cookie shared across subdomains don't work with .local tld

Bug 254991 - Cookie shared across subdomains don't work with .local tld

Summary: Cookie shared across subdomains don't work with .local tld

Status:	NEW

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	Website Storage (show other bugs)
Version:	Safari 16
Hardware:	All All

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:	InRadar

Depends on:
Blocks:

Reported:	2023-04-04 09:14 PDT by Matthias Le Brun
Modified:	2023-04-11 09:15 PDT (History)
CC List:	3 users (show)

See Also:	218980

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matthias Le Brun 2023-04-04 09:14:16 PDT

Hello!

I have a situation where I set a HTTPOnly, Secure cookie on `dashboard.name.local`, and try to call a `dashboard.name.local` API endpoint from `other.name.local`. Cookies aren't sent in the request, where the same situation on a `name.com` works.

As using `.local` is fairly common for local development, can it be considered like a regular TLD?

Comment 1 Sam Sneddon [:gsnedders] 2023-04-05 05:48:48 PDT

This may well just be another thing that falls out from 218980.

Comment 2 Radar WebKit Bug Importer 2023-04-11 09:15:26 PDT

<rdar://problem/107885806>