Can the flag "add-secure-to-ssl-cookie" be enabled in Convergence?
(Doc ID 2710589.1)
Last updated on JUNE 22, 2023
Applies to:Oracle Communications Convergence - Version 3.0.2 and later
Information in this document applies to any platform.
One of our internal teams asked us to set the secure attribute on cookies within Convergence.
"The Secure attribute tells the browser to only send the cookie if the request is being sent over a secure channel HTTPS so the session tokens used should never be transmitted over unencrypted communications."
How can the flag "add-secure-to-ssl-cookie" be enabled?
Our goal is to implement a scenario where for each cookie sent over SSL on the web-site, the "Secure" flag is added to the cookie. For example:
In our configuration, base.enablealwaysssl is enabled and base.hstsmaxage is set to 300.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document