Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Flask session cookie secure flag is not getting set.
See original GitHub issueExpected Behavior
Flask session cookie secure flag is not getting set. One chrome developer tools, i see in the cookie sesction. the cookie name “session” is not have secure colum checked.
app.config.update(
SESSION_COOKIE_SECURE=True, - -> This one
DEBUG=True,
REMEMBER_COOKIE_SECURE=True,
)
Actual Behavior
Paste the full traceback if there was an exception.
Environment
- Python version: 3.6
- Flask version: 1.x
- Werkzeug version:
Issue Analytics
- State:
- Created 3 years ago
- Comments:8 (3 by maintainers)
Top Results From Across the Web
Set "secure" attribute for Flask cookies - python - Stack Overflow
The secure flag for Flask's session cookie can be enabled in the Flask configuration. SESSION_COOKIE_SECURE = True. To set it for other ...
Read more >Cookie Security for Flask Applications - miguelgrinberg.com
With Flask, you can control the secure flag on the session cookie with the SESSION_COOKIE_SECURE configuration setting.
Read more >secure-set-cookie - Semgrep
Flask cookies should be handled securely by setting secure=True, httponly=True, and samesite='Lax' in response.set_cookie(...). If these parameters are not ...
Read more >Flask-Session — Flask-Sessions 0.0.4 documentation
If this is not set the cookie will be valid for all of APPLICATION_ROOT or if that is not set ... controls if...
Read more >Secure Cookie — Werkzeug Documentation (0.16.x)
This module implements a cookie that is not alterable from the client because it adds a checksum the server checks for. You can...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I was to fix this issue. thanks for your support.
Its a https site, even in the app home page, i don’t have any manual cookie. Yes am using flask-wtf for csrf, that is getting set in the flask session , Okay i will check in stack overflow.