Commit 7a09b52c authored by Daniel Gustafsson's avatar Daniel Gustafsson
Browse files

cookies: leave secure cookies alone

Only allow secure origins to be able to write cookies with the
'secure' flag set. This reduces the risk of non-secure origins
to influence the state of secure origins. This implements IETF
Internet-Draft draft-ietf-httpbis-cookie-alone-01 which updates

Closes #2956
Reviewed-by: default avatarDaniel Stenberg <>
parent fdc5563b
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment