Forum Discussion
Vitaliy_Savrans
Feb 25, 2014Nacreous
Hi, The Secure attribute for sensitive cookies in HTTPS sessions is not set, which could cause the user agent to send those cookies in plaintext over an HTTP session. To fix this:
when HTTP_RESPONSE {
set myValues [HTTP::cookie names]
foreach mycookies $myValues {
HTTP::cookie secure $mycookies enable
}
}