Chocobo1 130c0d8487 Revise cookie 'secure flag' enable condition ...

The localhost is 'potentially trustworthy' and RFC 6265 allows setting secure flag in this case.
Also check `X-Forwarded-Proto` header value to support reverse proxy usage.

Note: for reverse proxy users, now the `X-Forwarded-Proto` header is expected to be sent to qbt
otherwise the `secure` flag might be set erroneously.

https://datatracker.ietf.org/doc/html/rfc6265#section-4.1.2.5
https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy

Closes #21250.
PR #21260.

2024-09-07 21:38:27 +08:00

..

about.html

WebUI: omit closing on HTML void elements

2024-07-15 17:46:33 +08:00

aboutToolbar.html

WebUI: use native functions for event handling

2024-08-07 22:00:54 +08:00

confirmdeletion.html

WebUI: Improve torrent deletion dialog

2024-08-25 14:11:36 +08:00

filters.html

WebUI: Filter list improvements

2024-08-25 14:23:35 +08:00

installsearchplugin.html

WebUI: use native functions for event handling

2024-08-07 22:00:54 +08:00

log.html

WebUI: Add missing icons

2024-08-17 13:38:44 +08:00

logTabs.html

WebUI: Add missing icons

2024-08-17 13:38:44 +08:00

preferences.html

Revise cookie 'secure flag' enable condition

2024-09-07 21:38:27 +08:00

preferencesToolbar.html

WebUI: Add missing icons

2024-08-17 13:38:44 +08:00

properties.html

WebUI: Improve properties panel

2024-08-24 14:09:10 +08:00

propertiesToolbar.html

WebUI: Improve properties panel

2024-08-24 14:09:10 +08:00

rss.html

WebUI: implement debounce behavior for resize events

2024-08-17 14:02:15 +08:00

rssDownloader.html

WebUI: Add missing icons

2024-08-17 13:38:44 +08:00

search.html

WebUI: Add missing icons

2024-08-17 13:38:44 +08:00

searchplugins.html

WebUI: prevent passing wrong parameter

2024-08-17 14:02:13 +08:00

statistics.html

WebUI: provide semantic information of table body

2024-07-15 16:59:05 +08:00

transferlist.html

WebUI: avoid redundant re-initialization

2024-07-12 15:00:36 +08:00