Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d73f4e38 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review
Browse files

Merge "WebView: deprecate 'Secure' cookies for insecure schemes"

parents c3e39337 bc22d863

core/java/android/webkit/CookieManager.java

+6 −0
Original line number Diff line number Diff line
@@ -102,6 +102,9 @@ public abstract class CookieManager { 
     * path and name will be replaced with the new cookie. The cookie being set

     * will be ignored if it is expired.

     *

     * <p class="note"><b>Note:</b> if specifying a {@code value} containing the {@code "Secure"}

     * attribute, {@code url} must use the {@code "https://"} scheme.

     *

     * @param url the URL for which the cookie is to be set

     * @param value the cookie as a string, using the format of the 'Set-Cookie'

     *              HTTP response header
@@ -122,6 +125,9 @@ public abstract class CookieManager { 
     * completes or whether it succeeded, and in this case it is safe to call the method from a

     * thread without a Looper.

     *

     * <p class="note"><b>Note:</b> if specifying a {@code value} containing the {@code "Secure"}

     * attribute, {@code url} must use the {@code "https://"} scheme.

     *

     * @param url the URL for which the cookie is to be set

     * @param value the cookie as a string, using the format of the 'Set-Cookie'

     *              HTTP response header