You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If the cookie-attribute-list contains an attribute with an attribute-name
of “Secure”, set the cookie’s secure-only-flag to true. Otherwise,
set the cookie’s secure-only-flag to false.
But then Step 12 says:
If the cookie’s secure-only-flag is not set, [...]
It's impossible to reach step 12 with the secure-only-flag not set because it's always set in step 8.
I believe a better wording would be If the cookie's secure-only-flag is false,.
The text was updated successfully, but these errors were encountered:
The 'secure-only-flag' is never "not set". It is either "true" or
"false". This patch fixes two places where we should have been checking
for falsity.
Closes#1059.
The 'secure-only-flag' is never "not set". It is either "true" or
"false". This patch fixes two places where we should have been checking
for falsity.
Closes#1059.
https://httpwg.org/http-extensions/draft-ietf-httpbis-rfc6265bis.html#storage-model
Step 8 says:
But then Step 12 says:
It's impossible to reach step 12 with the
secure-only-flag
not set because it's always set in step 8.I believe a better wording would be
If the cookie's secure-only-flag is false,
.The text was updated successfully, but these errors were encountered: