secure and httponly cookies

[Aapo Talvensaari]

On Tuesday, 8 March 2016, Krishna Kumar K K <krishna at brocade.com> wrote:

> I am able to modify the set-cookie header from the server to flag it
> secure. I am trying to do the same in the request header as well.
>

Those flags are instructions to client. They don't have meaning on request
headers. Only on response headers.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20160308/da92d2a1/attachment.html>