Chrome is dropping support for the “Extended” value of the cookie SameSite attribute. All other SameSite attribute values (Strict, Lax, None) will not be affected.
Support for “Extended” was added in Chrome 76, but was never publicized or added to the specification. The “Extended” value was intended to extend the concept of “Lax” to first party sets, however, in the current implementation in Chrome, it behaves exactly the same as “Lax” -- other browsers handle the value inconsistently. Usage of the attribute value is also extremely low (set on fewer than 1 in 10 million cookies -- an HTTP archive query revealed fewer than 5 sites using the attribute).
Cookies that had been set with SameSite=Extended prior to the deprecation will be treated as if they had not set a SameSite attribute. After the deprecation, any new cookies set with “Extended” will also be treated as if they did not specify a SameSite attribute. Web developers currently using “Extended” should switch to a supported value, such as “Lax”.
(We would be happy to send out a formal Intent to Deprecate and Remove if anyone deems it worthwhile.)
