LibWebView: Consider wss a secure scheme for Secure cookies

Author: https://github.com/Lubrsi Commit: f3f51f2547 Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/3239 Reviewed-by: https://github.com/awesomekling Reviewed-by: https://github.com/kalenikaliaksandr
2025-07-29 20:29:18 +00:00 · 2025-01-09 16:28:06 +00:00 · 2025-01-09 16:28:06 +00:00 · f3f51f2547 · 2025-01-21 20:38:56 +00:00
commit f3f51f2547
parent c50e89bb73
1 changed files with 1 additions and 1 deletions
--- a/Libraries/LibWebView/CookieJar.cpp
+++ b/Libraries/LibWebView/CookieJar.cpp
@ -559,7 +559,7 @@ Vector<Web::Cookie::Cookie> CookieJar::get_matching_cookies(const URL::URL& url,

        // * If the cookie's secure-only-flag is true, then the retrieval's URI must denote a "secure" connection (as
        //   defined by the user agent).
-        if (cookie.secure && url.scheme() != "https"sv)
+        if (cookie.secure && url.scheme() != "https"sv && url.scheme() != "wss"sv)
            return;

        // * If the cookie's http-only-flag is true, then exclude the cookie if the retrieval's type is "non-HTTP".