HTTPS only
- Environmental Variable:
COOKIE_SECURE
- Config File Key:
cookie_secure
- Type:
bool
- Default:
true
If true, instructs browsers to only send user session cookies over HTTPS.
danger
Setting this to false may result in session cookies being sent in cleartext.