My Oracle Support Banner

Can the flag "add-secure-to-ssl-cookie" be enabled in Convergence? (Doc ID 2710589.1)

Last updated on MARCH 23, 2022

Applies to:

Oracle Communications Convergence - Version 3.0.2 and later
Information in this document applies to any platform.

Goal

One of our internal teams asked us to set the secure attribute on cookies within Convergence.

They state:

"The Secure attribute tells the browser to only send the cookie if the request is being sent over a secure channel HTTPS so the session tokens used should never be transmitted over unencrypted communications."

How can the flag "add-secure-to-ssl-cookie" be enabled?

Our goal is to implement a scenario where for each cookie sent over SSL on the web-site, the "Secure" flag is added to the cookie. For example:

In our configuration, base.enablealwaysssl is enabled and base.hstsmaxage is set to 300.



Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.