Re: cookie secure flag

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Re: cookie secure flag
From: Mark Brodis <mabrodis@xxxxxxxxxxxxxxx>
Date: Mon, 23 May 2011 13:59:27 -0600
In-reply-to: <BANLkTinHa8Vi2Obnwk_Ets2RWySMVRw2cA@xxxxxxxxxxxxxx>
Reply-to: users@xxxxxxxxxxxxxxxx

What I have done is do a edit-header to append the "Secure" onto the Set-Cookie command coming back from the app-container through the web server. The header edit command is only available on 2.2 (likely 3.X also), but not on 2.0.

Example:

Header edit Set-Cookie ^(.*)$ $1;Secure;

-Mark

On Mon, May 23, 2011 at 1:40 PM, Gil Pratte <gilbert.pratte@xxxxxxxxx> wrote:

Hello all,

I'm using apache http as a reverse proxy to tomcat. http takes care of the ssl encryption.

Can anyone enlighten me on how to set the cookie secure flag to true.

thanks in advance,

gilbert

References:
- cookie secure flag
  - From: Gil Pratte

Prev by Date: Re: RE: How to check whether apache support FIPS 140-2
Next by Date: MPM worker question
Previous by thread: cookie secure flag
Next by thread: MPM worker question
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]