Skip to content
Commit 7a09b52c authored by Daniel Gustafsson's avatar Daniel Gustafsson
Browse files

cookies: leave secure cookies alone 



Only allow secure origins to be able to write cookies with the
'secure' flag set. This reduces the risk of non-secure origins
to influence the state of secure origins. This implements IETF
Internet-Draft draft-ietf-httpbis-cookie-alone-01 which updates
RFC6265.

Closes #2956
Reviewed-by: default avatarDaniel Stenberg <daniel@haxx.se>
parent fdc5563b
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment