[FIREFOX] We sometimes flag cookies as "secure" even though they are from HTTP origins
While investigating this bug report I realised that HTTPS Everywhere will actually flag cookies as secure from within HTTP-only pages/origins. Needless to say, this can interact very badly with *.example.com target host rules!
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information