From 272bf52d62b06e7d78190061caebfc4b697e2208 Mon Sep 17 00:00:00 2001
From: Marcus Hill <bcf8c9f2@opayq.com>
Date: Sat, 15 Jan 2022 21:17:31 +0000
Subject: [PATCH] Note re https

---
 login.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/login.php b/login.php
index f0abe294..2a924624 100644
--- a/login.php
+++ b/login.php
@@ -55,6 +55,7 @@ if(isset($_POST['login'])){
     // Setup extension
     if(isset($row['user_extension_key']) && !empty($row['user_extension_key'])){
         // Extension cookie
+        // Note: Browsers don't accept cookies with SameSite None if they are not HTTPS.
         setcookie("user_extension_key", "$row[user_extension_key]", ['path' => '/','secure' => true,'httponly' => true,'samesite' => 'None']);
 
         // Set PHP session in DB so we can access the session encryption data (above)