You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Gil Pratte <gi...@gmail.com> on 2011/05/23 21:40:27 UTC
[users@httpd] cookie secure flag
Hello all,
I'm using apache http as a reverse proxy to tomcat. http takes care of the
ssl encryption.
Can anyone enlighten me on how to set the cookie secure flag to true.
thanks in advance,
gilbert
Re: [users@httpd] cookie secure flag
Posted by Mark Brodis <ma...@colorado4x4.net>.
What I have done is do a edit-header to append the "Secure" onto the
Set-Cookie command coming back from the app-container through the web
server. The header edit command is only available on 2.2 (likely 3.X also),
but not on 2.0.
Example:
Header edit Set-Cookie ^(.*)$ $1;Secure;
-Mark
On Mon, May 23, 2011 at 1:40 PM, Gil Pratte <gi...@gmail.com>wrote:
> Hello all,
>
> I'm using apache http as a reverse proxy to tomcat. http takes care of the
> ssl encryption.
>
> Can anyone enlighten me on how to set the cookie secure flag to true.
>
> thanks in advance,
>
> gilbert
>