On 5 July 2025 23:26:18 BST, Ben Ramsey <ramsey@php.net> wrote:
The Partitioned parameter isn’t supported in Firefox or Safari. From what I can tell, it’s only supported in Chromium-based browsers. Safari 18.4 supported it, but they removed the support in 18.5. I’d like to understand why, but I haven’t been able to find anything on it.
Looking at the history of the MDN compatibility table, I found this WebKit PR: <https://github.com/WebKit/WebKit/pull/45504>
Before 288413@main, Apple platforms blocked all
third-party cookies by default. In that commit, we
enabled CHIPS (opt-in partitioned cookies), and that
required allowing partitioned third-party cookies while
rejecting unpartitioned cookies. The mechanism for
rejecting unpartitioned third-party cookies is
incomplete, so this change disables CHIPS and returns
to the previous shipping behavior.
We may land a different fix later or fix this in an
underlying framework.
So it sounds like they approve of the feature in principle, but need more work to implement it correctly.
Meanwhile Firefox seems to have had a similar experience: CHIPS support is listed in the release notes for v131 <https://www.mozilla.org/en-US/firefox/131.0/releasenotes/> but then listed as "re-enabled" in v141 (currently beta) <https://www.mozilla.org/en-US/firefox/141.0beta/releasenotes/>\. I haven't found any details of what happened in between.
Reading around various bug trackers, it seems there's been a lot of work on limiting the memory and performance impact of partitioned cookies, so that may also have something to do with the slow rollout.
However, to bring it back to PHP: I haven't seen any debate over the actual attributes used, so updating the validation in setcookie() probably does make sense, with the expectation that it will become widely supported within the next year or two.
Rowan Tommins
[IMSoP]