[Webkit-unassigned] [Bug 158730] New: Add "__Secure-" and "__Host-" cookie prefix support

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Jun 14 03:55:50 PDT 2016


https://bugs.webkit.org/show_bug.cgi?id=158730

            Bug ID: 158730
           Summary: Add "__Secure-" and "__Host-" cookie prefix support
    Classification: Unclassified
           Product: WebKit
           Version: Other
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Page Loading
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: craig+webkit at craigfrancis.co.uk
                CC: beidson at apple.com

This allows a website to ensure that cookies are set with the "secure" attribute (only used over HTTPS), and optionally only be allowed for the current host (set without a Domain attribute, and the path is set to "/").

This has been implemented in Chrome 49:
https://googlechrome.github.io/samples/cookie-prefixes/

Explanation:
https://chloe.re/2016/04/27/cookieprefixes/

Spec:
https://tools.ietf.org/html/draft-west-cookie-prefixes-05

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160614/3bdf46c1/attachment.html>


More information about the webkit-unassigned mailing list