Break things, write reports

Fuck Mozilla

SameSite cookies and Firefox sucking

Tags: mozilla | Categories: pentesting
Posted at — Jul 8, 2021

Back in 2020, I stated:

So CSRF isn’t dead but only because people are still using old or stupid (Safari) browsers.

However, it turns out that Firefox doesn’t set SameSite cookies by default, and instead needs a flag to be set - effectively meaning Mozilla’s post in 2020 was fairly misleading.

Luckily, this doesn’t matter, as Mozilla’s market share is fairly low now at 3.29%, so nothing is really affected.

To quote n-gate, Mozilla is winning the war against its own users.
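A check that follows from the Firefox behaviour described above, as an added example that is not part of the original post: a cookie with no SameSite attribute is only protected where the browser applies a default, so this audits Set-Cookie headers for ones that leave it out. The function names and the sample headers are constructed for illustration.

```python
# Added example: constructed sample Set-Cookie header values, not captured traffic.
SAMPLE_HEADERS = [
    "sessionid=abc123; Path=/; HttpOnly; Secure",
    "csrftoken=xyz; Path=/; SameSite=Lax; Secure",
    "tracking=1; Path=/; SameSite=None",
    "prefs=dark; Path=/; SameSite=Strict; Secure",
]

def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, attributes keyed by lowercase name)."""
    parts = [p.strip() for p in header.split(";")]
    name, _, _value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), attrs

def audit_cookie(header):
    """Return (cookie name, findings) for one Set-Cookie header value."""
    name, attrs = parse_set_cookie(header)
    findings = []
    samesite = attrs.get("samesite")
    if samesite is None:
        # Protected only in browsers that apply a default; the post notes Firefox needs a flag.
        findings.append("no SameSite attribute: protection depends on the browser default")
    elif samesite.lower() not in ("strict", "lax", "none"):
        findings.append("unrecognised SameSite value %r" % samesite)
    elif samesite.lower() == "none":
        # Explicit opt-out: the cookie is sent cross-site, so CSRF tokens must carry the defence.
        findings.append("SameSite=None: cookie is sent on cross-site requests")
        if "secure" not in attrs:
            findings.append("SameSite=None without Secure")
    return name, findings

def audit(headers):
    """Map each cookie name that has findings to its list of findings."""
    report = {}
    for header in headers:
        name, findings = audit_cookie(header)
        if findings:
            report[name] = findings
    return report

if __name__ == "__main__":
    for cookie, findings in audit(SAMPLE_HEADERS).items():
        for finding in findings:
            print("%s: %s" % (cookie, finding))
```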