diff --git a/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs b/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs
index 45c9bb29..547370ed 100644
--- a/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs
+++ b/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs
@@ -107,6 +107,10 @@ public static IApplicationBuilder UseNosniffContentTypeOptionsHeader(this IAppli
/// Adds a middleware that checks all Set-Cookie headers and replaces any with a version containing
/// Secure and SameSite=Strict modifiers if they were missing.
///
+ ///
+ /// With this all cookies will only work in a secure context, so you should have some way to automatically redirect
+ /// any HTTP request to HTTPS.
+ ///
public static IApplicationBuilder UseStrictAndSecureCookies(this IApplicationBuilder app)
{
static void UpdateIfMissing(ref string cookie, ref bool changed, string test, string append)