]> Cypherpunks repositories - gostls13.git/commit
projects / gostls13.git / commit
summary | shortlog | log | commit | commitdiff | tree
(parent: f870a1d) | patch
net/http/cookiejar: treat localhost as secure origin
authorSean Liao <sean@liao.dev>
Tue, 4 Nov 2025 22:47:42 +0000 (22:47 +0000)
committerSean Liao <sean@liao.dev>
Fri, 21 Nov 2025 20:47:29 +0000 (12:47 -0800)
commit7aa9ca729fcb063506ea4ed35ee9b2673a853e4f
treee109da9af42bebdcd112626ff3229ecaf8ed8c42tree
parentf870a1d3989d428a5d87368e340f23c4d8232380commit | diff
net/http/cookiejar: treat localhost as secure origin

For development purposes, browsers treat localhost
as a secure origin regardless of protocol.

Fixes #60997

https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/Cookies#restrict_access_to_cookies
https://bugzilla.mozilla.org/show_bug.cgi?id=1618113
https://issues.chromium.org/issues/40120372

Change-Id: I6d31df4e055f2872c4b93571c53ae5160923852b
Reviewed-on: https://go-review.googlesource.com/c/go/+/717860
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Mark Freeman <markfreeman@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
src/net/http/cookiejar/jar.go diff | blob | history
src/net/http/cookiejar/jar_test.go diff | blob | history
Go GOST TLS 1.3