COOKIES_SECURE_FLAG setting of "always" not functioning properly

Question

brentgriffin opened this issue 10 years ago · comments

Does not seem to work in any of the browsers.

Steps to recreate:

Have COOKIES_SECURE_FLAG=always in dotmarketing-config.properties file
Access a frontend page via http - i.e. http://localhost:8080/ or http://localhost:8080/products/
Notice that JSESSIONID cookie does NOT have the secure flag set.

Mac OSX 10.9.5 // Java (build 1.7.0_71-b14) // 2.5.7 (Latest build from master-2.5) // Postgres // Chrome 39.0.2171.95 (64-bit) & Firefox 34.0.5

Daniel Silva · Answer 1 · Tue Dec 16 2014 22:54:19 GMT+0800 (China Standard Time)

addressed in ea917c1