Google will temporarily roll back the changes it recently made to how its Chrome browser handles cookies in order to ensure that sites that perform essential services like banking, online grocery, government services and healthcare won't become inaccessible to Chrome users during the current COVID-19 pandemic.
With the stable release of Chrome 80 in February, Chrome began enforcing secure-by-default handling of third-party cookies as part of our ongoing effort to improve privacy and security across the web. Google has been gradually rolling out this change since February and has been monitoring and evaluating ecosystem impact, including proactively reaching out to individual websites and services to ensure their cookies are labeled correctly.
The new SameSite rules are meant to make it harder for sites to access cookies from third-party sites and hence track a user's online activity. These new rules are also meant to prevent cross-site request forgery attacks.
Under Google's new guidance, developers must explicitly allow their cookies to be read by third-party sites, otherwise, the browser will prevent these third-party sites from accessing them.
However in light of the extraordinary global circumstances due to COVID-19, Google is temporarily rolling back the enforcement of SameSite cookie labeling, starting today. While most of the web ecosystem was prepared for this change, Google says it wants to ensure stability for websites providing essential services including banking, online groceries, government services and healthcare that facilitate our daily life during this time.
Google expects to resume the enforcement over the summer.