This repository was archived by the owner on Mar 4, 2020. It is now read-only.
Mention impact on document.cookie #5
Description
Current phrasing like
those cookies which would actually be sent over HTTP
etc.
talks all about sending a Cookie header, but we should be clear that this applies to document.cookie as well?
We also may want to clarify that deletion of a cookie lacking a SECURE attribute also impacts that cookie when a HTTPS request is made?