You do not have permission to delete messages in this group
Copy link
Report message
Sign in to report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to dev-pl...@lists.mozilla.org
The "Cookie prefix" adds restrictions to how cookies with two specific
prefixes may be used. This addresses some of the Weak Confidentiality and
Weak Integrity concerns noted by RFC 6265 (
https://tools.ietf.org/html/rfc6265#section-8.5).
Cookies whose names start with "__Secure-" or "__Host-" must have the
"secure" flag and be set over a secure connection. In addition, cookies
with the "__Host-" prefix must have a path attribute of "/" and must not
have a "domain" attribute. The prefixes are ugly, but a name collision
could break existing content; Google's testing and scanning so far have
revealed no collisions.
Platforms: Desktop and Android.
Target Release: Firefox 50
Since this is a proposed standard the best forum for discussion would be
the public http mailing list
https://lists.w3.org/Archives/Public/ietf-http-wg/ (subscription
information available at that link)