Cookies are always forced to 'secure'

Question

jedimonkey opened this issue 5 years ago · comments

Looks like when some changes were made 2 months ago to handle php7's setcookie parameter changes, secure was set to true and can't be changed.

Can this be fixed to be configurable?

Marcus Collier · Answer 1 · Fri Apr 17 2020 16:39:06 GMT+0800 (China Standard Time)

PR for this issue #12

Marcus Collier · Answer 2 · Fri May 22 2020 15:19:25 GMT+0800 (China Standard Time)

... is it possible to merge my PR?

Martijn Luyckx · Answer 3 · Wed Jun 17 2020 00:54:29 GMT+0800 (China Standard Time)

I have the same issue, and this PR fixes it! Please merge #12 .

Jason Sawyer · Answer 4 · Wed Nov 04 2020 03:43:09 GMT+0800 (China Standard Time)

Just go stuck on this myself. Plugin doesn't work using non secure cookies.

jamiematrix · Answer 5 · Thu Nov 05 2020 19:52:24 GMT+0800 (China Standard Time)

@jsunsawyer Same for me - had been struggling to use the plugin until I found this issue. Making the change manually makes it work for now.

goraxan · Answer 6 · Wed Mar 31 2021 18:12:47 GMT+0800 (China Standard Time)

Same problem here. I can't use this plugin locally since I'm using http in my dev machine.

@khalwat is this intentional? Is there any reason why #12 can't be merged?

Thanks

Andrew Welch · Answer 7 · Wed Mar 31 2021 22:36:59 GMT+0800 (China Standard Time)

Sure... sorry about that, I'll merge it in.

I think part of the reason is Craft's new default setting to to enable secure cookies by default if the protocol is https:

Andrew Welch · Answer 8 · Thu Apr 01 2021 03:10:13 GMT+0800 (China Standard Time)