Chromium bug allowed SameSite cookie bypass on Android devices


Developers can limit who can access cookies by using the SameSite setting. For instance, by setting SameSite=strict, this can stop a cookie from appearing in HTTP answers if a user accesses the website via a link or a redirect request from another website.

However, security researcher Axel Chong found that by using the intent method to access the target website, he was able to get around SameSite protection. Intents are external protocol handlers that let Android apps open other apps, such as switching from the browser to the Maps app or from an SMS to the browser.

Read More…