Open Closed

how to set cookie secure flag #10701


0
sachin.kulkarni@ikione.com created

ABP Framework version: 5.2.5 Angular version: 8.2.5 I would like to set SECURE: TRUE in HttpOnly flag If there is any way to set the SECURE value to TRUE will be great.

The requirement was recomended/suggested by our security expert.


5 Answer(s)
  • 0
    musa.demir created
    Support Team

    Can you please be more specific. Which cookie are you talking about?

  • 0
    sachin.kulkarni@ikione.com created

    We wanted to set the apb.cookie to secure=true.

    Thanks sachin

  • 0
    ismcagdas created
    Support Team

    Hi,

    Since Angular app uses values of those cookies, you can't set HttpOnly to true. In that case, Angular app can't read values. However, you can use local storage or an approach like this one https://github.com/aspnetzero/aspnet-zero-core/issues/2611

  • 0
    sachin.kulkarni@ikione.com created

    Hi,

    Correct we cannot set the HttpOnly to true but can we set the secure to true only.

    Thanks, sachin

  • 0
    ismcagdas created
    Support Team

    Thanks @sachin

    Let me know if that doesn't work for you.