Secure cookie handling upon https to http downgrade

Jo-Philipp Wich jo at
Mon Jan 2 10:35:33 PST 2023


> More generally, and regard to the earlier suggestion, I would still suggest
> splitting the http vs https cookie names in any ongoing luci rework in order
> to avoid this situation.

this also has been implemented already, see


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the openwrt-devel mailing list