By: Tamás Nacsák user 03 Sep 2019 at 8:55 a.m. CDT

3 Responses
Tamás Nacsák gravatar
Visiting the application, the “secure” attributes were missing from the cookies we received. The affected cookie is * org.gluu.i18n.Locale*. The “Secure” flag would ensure that the cookie will always be passed encrypted from the client to the server. The feature request is to Enable the “Secure” attribute.

By Michael Schwartz staff 03 Sep 2019 at 9:02 a.m. CDT

Michael Schwartz gravatar
Thanks for sharing this feedback. We'll look into it and post here the results.

By Yuriy Movchan staff 03 Sep 2019 at 2:35 p.m. CDT

Yuriy Movchan gravatar
Hi Tamás, Thank you for report. We fixed this in 3.1.7 and 4.0. Regards, Yuriy

By William Lowe staff 04 Sep 2019 at 10:39 a.m. CDT

William Lowe gravatar
Link to fixed [issue](https://github.com/GluuFederation/oxAuth/issues/1145). Thanks, Will