Skip to main content

HTTPS only

  • Environmental Variable: COOKIE_SECURE
  • Config File Key: cookie_secure
  • Type: bool
  • Default: true

If true, instructs browsers to only send user session cookies over HTTPS.

danger

Setting this to false may result in session cookies being sent in cleartext.