1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-17 15:05:02 -05:00
Commit Graph

2 Commits

Author SHA1 Message Date
Daniel Gustafsson
7a09b52c98 cookies: leave secure cookies alone
Only allow secure origins to be able to write cookies with the
'secure' flag set. This reduces the risk of non-secure origins
to influence the state of secure origins. This implements IETF
Internet-Draft draft-ietf-httpbis-cookie-alone-01 which updates
RFC6265.

Closes #2956
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-12-13 09:57:58 +01:00
Daniel Stenberg
09cca9813d docs/HTTP-COOKIES: converted to markdown 2016-03-29 08:53:40 +02:00