Re: [whatwg/fetch] Secure cookies should be permitted on secure requests, not just where there is a `https` scheme (Issue #1827) from David Benjamin on 2025-05-20 (public-webapps-github@w3.org from May 2025)

From: David Benjamin <notifications@github.com>
Date: Mon, 19 May 2025 20:26:02 -0700
To: whatwg/fetch <fetch@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <whatwg/fetch/issues/1827/2892795907@github.com>

davidben left a comment (whatwg/fetch#1827)

I guess it does complicate the separation between http://localhost and https://localhost, but in so far as that matters, we should fix that by shipping https://github.com/sbingler/Origin-Bound-Cookies

-- 
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/issues/1827#issuecomment-2892795907
You are receiving this because you are subscribed to this thread.

Message ID: <whatwg/fetch/issues/1827/2892795907@github.com>

Received on Tuesday, 20 May 2025 03:26:07 UTC