How to check the existence of a http-only secure cookie nginx-forum at
Mon Mar 11 21:54:01 UTC 2013

http-only and secure are directives intended for browser. If the browser
doesn't detect HTTP proto for  http-only setting and SSL for secure setting
then browser will drop the cookie and will never make it to the web server.

Posted at Nginx Forum:,236394,237245#msg-237245

More information about the nginx mailing list