Ticket #1375 (closed enhancement: fixed)
[PATCH] add config option to set secure bit on visit cookies
|Reported by:||corvus||Owned by:||anonymous|
Sites that use the visit/identity framework for authentication and authorization may want to have the secure bit set on cookies. This causes them to only be sent over HTTPS but not HTTP. The attached patch adds a config option (defaulting to False) to enable this behavior.