diff --git a/CHANGES/7821.feature b/CHANGES/7821.feature new file mode 100644 index 00000000000..3413224f859 --- /dev/null +++ b/CHANGES/7821.feature @@ -0,0 +1 @@ +Only check origin if insecure scheme and there are origins to treat as secure, in ``CookieJar.filter_cookies()``. diff --git a/aiohttp/cookiejar.py b/aiohttp/cookiejar.py index 4fc3ec97e1f..372a0e7b723 100644 --- a/aiohttp/cookiejar.py +++ b/aiohttp/cookiejar.py @@ -248,14 +248,13 @@ def filter_cookies( return filtered request_url = URL(request_url) hostname = request_url.raw_host or "" - request_origin = URL() - with contextlib.suppress(ValueError): - request_origin = request_url.origin() - is_not_secure = ( - request_url.scheme not in ("https", "wss") - and request_origin not in self._treat_as_secure_origin - ) + is_not_secure = request_url.scheme not in ("https", "wss") + if is_not_secure and self._treat_as_secure_origin: + request_origin = URL() + with contextlib.suppress(ValueError): + request_origin = request_url.origin() + is_not_secure = request_origin not in self._treat_as_secure_origin # Point 2: https://www.rfc-editor.org/rfc/rfc6265.html#section-5.4 for cookie in sorted(self, key=lambda c: len(c["path"])):