Denis @ TheOffice said:
By default, a cookie for a particular domain is sent to both HTTP and
HTTPS URLs in this domain. There exists a concept of secure cookie (one
that should only be sent over HTTPS): to set one, you append ";secure"
to the cookie data when calling InternetSetCookie. But I don't know how
to determine whether a particular cookie found in the cache is secure.
With best wishes,
With sufficient thrust, pigs fly just fine. However, this is not
necessarily a good idea. It is hard to be sure where they are going to
land, and it could be dangerous sitting under them as they fly
overhead. -- RFC 1925