ابحث في الدعم

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

secure flag isn't enforced by recent firefox versions when set in cookie config

  • ما من ردود
  • 1 has this problem
  • 3 views
more options

When I used an old version of firefox(v42 as this is an application requirement) the session gets expired immediately after I login with my credentials when secure flag is set in my application(since I am accessing the site through http and not https).

When I inspected the developer console I can see that a new session is created every time. I believe this is the expected behavior since the cookie won't be valid in case of http requests. This doesn't happen in the case of modern versions of firefox. Why is this so? Is this because I am accessing the site on localhost?

Attached screenshots

Modified by Kenrig

عليك الولوج إلى حسابك للردّ على المشاركات. من فضلك اطرح سؤالًا جديدًا لو لم يكن لديك حساب بعد.