Add "secure" in cookie by httpd server
Posted
by
Abhishek
on Server Fault
See other posts from Server Fault
or by Abhishek
Published on 2012-03-31T05:00:16Z
Indexed on
2012/03/31
5:31 UTC
Read the original article
Hit count: 253
How do I have to configure my httpd server to add "Secure" in the cookies? I tried the one in the below link,
http://blog.modsecurity.org/2008/12/fixing-both-missing-httponly-and-secure-cookie-flags.html
but this did not seem to be working. I inspected the cookie via firebug and found that the cookies have "HttpOnly" but not "Secure". I double checked the configurations and they the same as mentioned in the link.
I also noticed that the server response time goes bit high when doing it by mod_security. Is there a better way to do it?
Any ideas or pointers to configurations would be helpful
© Server Fault or respective owner