Browser is not sending secured cookies under this scenario: 1) Browser never handled a cookie from a secured protocol (HTTPS) 2) Server adds a "secured" cookie over a non-secured protocol (HTTP) 3) Server asks for secure cookie over a secured protocol (HTTPS)
Created attachment 162040 [details] Patch
Comment on attachment 162040 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=162040&action=review Looks good, some stuff to fix still. > Source/WebCore/ChangeLog:2 > + One empty line too many. > Source/WebCore/ChangeLog:11 > + The problem was if the browser has never saved a secure protocol, Can you rephrase this? It seems a bit terse. > Source/WebCore/ChangeLog:18 > + funciton. Typo: function. > Source/WebCore/platform/blackberry/CookieManager.cpp:212 > + // Set the map to the non-secure version, so it'll search the mapping for a secure cookie Lacks period.
Created attachment 162042 [details] Patch
Created attachment 162043 [details] Patch
Comment on attachment 162043 [details] Patch Looks good.
Comment on attachment 162043 [details] Patch Clearing flags on attachment: 162043 Committed r127470: <http://trac.webkit.org/changeset/127470>
All reviewed patches have been landed. Closing bug.