Jump to content
scott001

Insecure Cookies

Recommended Posts

Is there a setting to make my cookies secure, as currently they are not secure:

The following Cookies are not secure, you should add the Secure instruction in the Set-Cookie HTTP header:

www.celiac.com/adserv/www/delivery/lg.php?banner[...]celiacs%2F&cb=f3814766b9

  • set-cookie: spcsrf=58357e9856fb6e2fa93de7f9cdfc37e6; Expires=Thu, 02-May-19 23:52:50 GMT; Path=/; HttpOnly; SameSite=Strict
  • set-cookie: UTGv2=D-h4c33fdc6d399b6de8496e40aa580775b642; Expires=Fri, 01-May-20 21:52:50 GMT; Path=/

https://www.celiac.com/adserv/www/delivery/asyncjs.php

  • set-cookie: spcsrf=6520eb79b20bf2806ff4d56baf063477; Expires=Thu, 02-May-19 23:52:48 GMT; Path=/; HttpOnly; SameSite=Strict
  • set-cookie: UTGv2=D-h42c4ac14766f5128084800ade37ed3e0344; Expires=Fri, 01-May-20 21:52:48 GMT; Path=/

Share this post


Link to post
Share on other sites

Chrome states that options should be SameSite=None Secure

Error

A cookie associated with a cross-site resource at http://example.com/ was set without the `SameSite` attribute. A future release of Chrome will only deliver cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.




×
×
  • Create New...