rickygrimes
Reputation: 2716
Cookies set secureflag to true
What happens if secureflag is set to true in case of http requests? Should it be set to true only if requests are being coming from https clients? This blog here says so.
If someone here can please explain what are the disadvantages of setting this flag to true, that will be great help.
Upvotes: 1
Views: 109
Answers (1)
Karthikeyan
Reputation: 2724
By setting 'secureflag' is true , you are insisting the browser to transmit your cookies only over the SSL. In case, if it is non SSL, then the Cookies will not be shared. For better understanding read this doc.
Upvotes: 2
Related Questions
- Add Secure and httpOnly Flags to Every Set-Cookie Response in Apache httpd
- Browsers ignore Set-Cookie response header if we try to set a cookie which was Secure before
- Reading cookies via HTTPS that were set using HTTP
- js-cookie not setting cookies when secure flag is enabled
- Secure: true on cookie for forced https
- How to set cookies HTTPOnly and secure attributes?
- Cookies set as "secure" do not appear in Chrome and IE
- Cookie without Secure flag and HttpOnly flag set
- ASP.NET Cookie not set when using https
- Disabled cookies