Assert on cookies with SameSite=None and no secure attribute (#610)

hummingbird-project · Dec 27, 2024 · 2ce29ad · 2ce29ad
1 parent ee2ae4b
commit 2ce29ad
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/Sources/Hummingbird/HTTP/Cookie.swift b/Sources/Hummingbird/HTTP/Cookie.swift
@@ -106,6 +106,7 @@ public struct Cookie: Sendable, CustomStringConvertible {
         httpOnly: Bool = true,
         sameSite: SameSite
     ) {
+        assert(!(secure == false && sameSite == .none), "Cookies with SameSite set to None require the Secure attribute to be set")
         self.name = name
         self.value = value
         var properties = Properties()