moparisthebest/curl - curl - code.moparisthebest.com

moparisthebest/curl

Fork 0

mirror of https://github.com/moparisthebest/curl synced 2024-08-13 17:03:50 -04:00

Commit Graph

Author	SHA1	Message	Date
Daniel Gustafsson	7a09b52c98	cookies: leave secure cookies alone Only allow secure origins to be able to write cookies with the 'secure' flag set. This reduces the risk of non-secure origins to influence the state of secure origins. This implements IETF Internet-Draft draft-ietf-httpbis-cookie-alone-01 which updates RFC6265. Closes #2956 Reviewed-by: Daniel Stenberg <daniel@haxx.se>	2018-12-13 09:57:58 +01:00

Author

SHA1

Message

Date

Daniel Gustafsson

7a09b52c98

cookies: leave secure cookies alone

Only allow secure origins to be able to write cookies with the
'secure' flag set. This reduces the risk of non-secure origins
to influence the state of secure origins. This implements IETF
Internet-Draft draft-ietf-httpbis-cookie-alone-01 which updates
RFC6265.

Closes #2956
Reviewed-by: Daniel Stenberg <daniel@haxx.se>

2018-12-13 09:57:58 +01:00

1 Commits