1. Go to https://httpdump.app/ and 'Create your own Dump' 2. Open the URL on the right in MiniBrowser 2. Inside Web Inspector go to Storage -> Cookies -> Mark both cookies as secure 3. Inside Web Inspector evaluate 'new WebSocket("wss://httpdump.app/dumps/ecf2db54-87fb-4369-87bc-51f3707ba75a")' (adjust the random UUID to your httpdump) 4. Click on the request which got tracked on the left and observe the headers on the right. Expected: It includes two cookies Actual: It does not include any cookies
Pull request: https://github.com/WebKit/WebKit/pull/9514
(In reply to Max Schmitt from comment #0) > 1. Go to https://httpdump.app/ and 'Create your own Dump' I found out another bug while trying this step. Filed: Bug 251661 – REGRESSION(WebKitRequirements v2022.12.22) WinCairo can't load https://httpdump.app/
Due to the above bug, I'm trying to reproduce it with old WinCairo MiniBrowser (258184@main) + WebKitRequirements v2022.10.20. But, I don't observe the problem. I'm observing cookies in the newest request.
[BUG]: secure cookies don't get included for wss:// WebSockets · Issue #20370 · microsoft/playwright https://github.com/microsoft/playwright/issues/20370 The bug report says this is a regression.
It's a regression on our side + on WebKit side as well since it was introduced between these commits: https://github.com/WebKit/WebKit/compare/0e798281d3ad557900b890a1ffdee2984b05c227...b443fbf87d8dcbaabdd9bde259a812a2e5622906 This reflects to Playwright revision numbers 1652 and 1654.
So I guess its caused by https://github.com/WebKit/WebKit/commit/d726f6c8e4e517f224863044bb7200eeeac40127.
Committed 259975@main (11421fd47f7d): <https://commits.webkit.org/259975@main> Reviewed commits have been landed. Closing PR #9514 and removing active labels.
<rdar://problem/105141402>