Call out more clearly that setcookie.net link is HTTP (non-secure)

[robinp]

Hi,

It took me some minutes to realize why a subdomain-set cookie won't show on the root, after clicking through with the link in the preamble

Use this to test various cookie options and how they impact which cookies are sent to different URLs, such as a.setcookie.net, a.b.setcookie.net, setcookie.net/foo, or http://setcookie.net/.

Note that while all links are https, the last one to the root domain is non-https. So secure cookies won't be sent, leading to some surprize.

I suggest making the root domain link https as well, and maybe adding a separate non-secure link with explicitly calling if out, if that is desired.

Thank you for the excellent tool by the way!

[cmbuckley]

Hi, thanks for your feedback! I tried to better clarify this by adding information to the URL at the top of the page. You can see the result at https://setcookie-staging-25.fly.dev/example/path. The staging setup doesn't support subdomains or insecure links, but hopefully the concept is clear.

Edit: staging environment is torn down when PR is merged. See https://setcookie.net/example/path.

[robinp]

Thank you, looks neat!