Per <https://developer.apple.com/reference/foundation/nshttpcookiesecure>, Passing NSHTTPCookieSecure with any value–including @NO–to +[NSHTTPCookie cookieWithProperties:] will create a cookie with the "Secure" flag. The code currently boxes a BOOL into an NSBoolean unconditionally, causing all cookies to have the secure flag. This only seems to practically affect cookies created via WebCookieManager[Proxy].
(In reply to Brian Burg from comment #0) > > This only seems to practically affect cookies created via > WebCookieManager[Proxy]. This affects the new WKHTTPCookieStore API as well, but a bug in the API test masked the round tripping failure. I'll post a patch fixing both.
<rdar://problem/29829930>
Created attachment 309143 [details] Patch
Comment on attachment 309143 [details] Patch Yay! Looks like you missed the 3rd round of comparisons in the cookie API test, though. R+ with fixing that.
Nice catch!
<rdar://problem/32017975>
(In reply to Brady Eidson from comment #4) > Comment on attachment 309143 [details] > Patch > > Yay! > > Looks like you missed the 3rd round of comparisons in the cookie API test, > though. > > R+ with fixing that. Will do, thanks.
Committed r216258: <http://trac.webkit.org/changeset/216258>