From 53018d93d4211988c8092622b61fb4c5f610d7d1 Mon Sep 17 00:00:00 2001
From: Euclid Ye <euclid.ye@huawei.com>
Date: Thu, 26 Mar 2026 21:21:51 +0800
Subject: [PATCH 1/2] Throw "invalid cookie domain" instead

Signed-off-by: Euclid Ye <euclid.ye@huawei.com>
---
 index.html | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/index.html b/index.html
index 4ad304fe..5f8ca390 100644
--- a/index.html
+++ b/index.html
@@ -7605,13 +7605,13 @@ <h3><dfn data-lt="adding a cookie">Add Cookie</dfn></h3>
 
  <li><p>If <var>session</var>&apos;s <a>current browsing
   context</a>&apos;s <a>document element</a> is
-  a <a>cookie-averse <code>Document</code> object</a>,
+  a <a>cookie-averse <code>Document</code> object</a> or
+  <a>cookie domain</a> is not equal to <var>session</var>&apos;s <a>current
+  browsing context</a>&apos;s <a>active document</a>&apos;s <a>domain</a>,
   return <a>error</a> with <a>error code</a> <a>invalid cookie
   domain</a>.
 
  <li><p>If <a>cookie name</a> or <a>cookie value</a> is <a><code>null</code></a>,
-  <a>cookie domain</a> is not equal to <var>session</var>&apos;s <a>current
-  browsing context</a>&apos;s <a>active document</a>&apos;s <a>domain</a>,
   <a>cookie secure only</a> or <a>cookie HTTP only</a> are not boolean types,
   or <a>cookie expiry time</a> is not an integer type, or it less than 0 or greater than
   the <a>maximum safe integer</a>, return <a>error</a> with <a>error

From 555772ea3bf6ac55a9ae7ec3b89aa58c2d2ad9ef Mon Sep 17 00:00:00 2001
From: Euclid Ye <euclid.ye@huawei.com>
Date: Wed, 1 Apr 2026 11:56:38 +0800
Subject: [PATCH 2/2] Move type check earlier

Signed-off-by: Euclid Ye <euclid.ye@huawei.com>
---
 index.html | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/index.html b/index.html
index 5f8ca390..f45ac8b4 100644
--- a/index.html
+++ b/index.html
@@ -7603,6 +7603,12 @@ <h3><dfn data-lt="adding a cookie">Add Cookie</dfn></h3>
  <li><p><a>Try</a> to <a>handle any user prompts</a>
   with <var>session</var>.
 
+  <li><p>If <a>cookie name</a> or <a>cookie value</a> is <a><code>null</code></a>,
+  <a>cookie secure only</a> or <a>cookie HTTP only</a> are not boolean types,
+  or <a>cookie expiry time</a> is not an integer type, or it less than 0 or greater than
+  the <a>maximum safe integer</a>, return <a>error</a> with <a>error
+  code</a> <a>invalid argument</a>.
+
  <li><p>If <var>session</var>&apos;s <a>current browsing
   context</a>&apos;s <a>document element</a> is
   a <a>cookie-averse <code>Document</code> object</a> or
@@ -7611,12 +7617,6 @@ <h3><dfn data-lt="adding a cookie">Add Cookie</dfn></h3>
   return <a>error</a> with <a>error code</a> <a>invalid cookie
   domain</a>.
 
- <li><p>If <a>cookie name</a> or <a>cookie value</a> is <a><code>null</code></a>,
-  <a>cookie secure only</a> or <a>cookie HTTP only</a> are not boolean types,
-  or <a>cookie expiry time</a> is not an integer type, or it less than 0 or greater than
-  the <a>maximum safe integer</a>, return <a>error</a> with <a>error
-  code</a> <a>invalid argument</a>.
-
  <li><p><a>Create a cookie</a> in
   the <a>cookie store</a> associated with
   the <a>active document</a>&apos;s <a>address</a>