how to set cookie secure flag #10701

[email protected] created one year ago

ABP Framework version: 5.2.5 Angular version: 8.2.5 I would like to set SECURE: TRUE in HttpOnly flag If there is any way to set the SECURE value to TRUE will be great.

The requirement was recomended/suggested by our security expert.

5 Answer(s)

0

musa.demir created one year ago

Can you please be more specific. Which cookie are you talking about?
0

[email protected] created one year ago

We wanted to set the apb.cookie to secure=true.

Thanks sachin
0

ismcagdas created one year ago
Support Team

Hi,

Since Angular app uses values of those cookies, you can't set HttpOnly to true. In that case, Angular app can't read values. However, you can use local storage or an approach like this one https://github.com/aspnetzero/aspnet-zero-core/issues/2611
0

[email protected] created one year ago

Hi,

Correct we cannot set the HttpOnly to true but can we set the secure to true only.

Thanks, sachin
0

ismcagdas created one year ago
Support Team

Thanks @sachin

Let me know if that doesn't work for you.

Have an answer to this question? Log in and write your answer.