From f3f51f25476ebcfc4dd1b6e674a1ade30fa2bef9 Mon Sep 17 00:00:00 2001 From: Luke Wilde Date: Thu, 9 Jan 2025 16:28:06 +0000 Subject: [PATCH] LibWebView: Consider wss a secure scheme for Secure cookies --- Libraries/LibWebView/CookieJar.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Libraries/LibWebView/CookieJar.cpp b/Libraries/LibWebView/CookieJar.cpp index eb469f7f6f2..9003709f957 100644 --- a/Libraries/LibWebView/CookieJar.cpp +++ b/Libraries/LibWebView/CookieJar.cpp @@ -559,7 +559,7 @@ Vector CookieJar::get_matching_cookies(const URL::URL& url, // * If the cookie's secure-only-flag is true, then the retrieval's URI must denote a "secure" connection (as // defined by the user agent). - if (cookie.secure && url.scheme() != "https"sv) + if (cookie.secure && url.scheme() != "https"sv && url.scheme() != "wss"sv) return; // * If the cookie's http-only-flag is true, then exclude the cookie if the retrieval's type is "non-HTTP".