Manual SameSite Cookie Test
Manually test the behaviour of SameSite cookies in your browser across the different cross-site
request types: GET
, POST
, and embedded content.
Automatic SameSite Browser Test
Automated test suite that audits the behaviour of your browser with the different SameSite options,
across https and http, same-site and cross-site requests. Note, it will take a while as there is a
delay of 2 minutes to properly account for SameSite=Lax+POST
in Chrome.
An experiment by Stephen Rees-Carter for "CSRF is dead (or is it?)" and "SameSite Cookies Deep Dive".
Source Code on GitHub, PRs welcome.