COOKIES_SECURE_FLAG setting of "always" not functioning properly
brentgriffin opened this issue · comments
Brent Griffin commented
Does not seem to work in any of the browsers.
Steps to recreate:
- Have COOKIES_SECURE_FLAG=always in dotmarketing-config.properties file
- Access a frontend page via http - i.e. http://localhost:8080/ or http://localhost:8080/products/
- Notice that JSESSIONID cookie does NOT have the secure flag set.
Mac OSX 10.9.5 // Java (build 1.7.0_71-b14) // 2.5.7 (Latest build from master-2.5) // Postgres // Chrome 39.0.2171.95 (64-bit) & Firefox 34.0.5
Daniel Silva commented
addressed in ea917c1