In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site while Reader mode is active, bypassing CSRF protections. External Reference: https://www.mozilla.org/en-US/security/advisories/mfsa2018-16/#CVE-2018-12370
Acknowledgments: Name: the Mozilla project Upstream: Jun Kokatsu