diff options
author | Daniel Stenberg <daniel@haxx.se> | 2016-10-06 09:40:47 +0200 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2016-10-06 09:40:47 +0200 |
commit | da1a2d1ac8d49e519cfa5928689fd313f4ba71d7 (patch) | |
tree | 94fcba710ddad9442c792a65735de1c7eaf50f1f /docs/TODO | |
parent | c271b1c29a176612c98977fd1c722952e86aace9 (diff) |
TODO: Leave secure cookies alone
Diffstat (limited to 'docs/TODO')
-rw-r--r-- | docs/TODO | 9 |
1 files changed, 9 insertions, 0 deletions
@@ -69,6 +69,7 @@ 5.7 Brotli compression 5.8 QUIC 5.9 Add easy argument to formpost functions + 5.10 Leave secure cookies alone 6. TELNET 6.1 ditch stdin @@ -554,6 +555,14 @@ This is not detailed in any FTP specification. deprecating the old ones. Allows better error messages and is generally good API hygiene. +5.10 Leave secure cookies alone + + Non-secure origins (HTTP sites) should not be allowed to set or modify + cookies with the 'secure' property: + + https://tools.ietf.org/html/draft-ietf-httpbis-cookie-alone-01 + + 6. TELNET 6.1 ditch stdin |