Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was archived. Please ask a new question if you need help.

secure flag isn't enforced by recent firefox versions when set in cookie config

  • No replies
  • 1 has this problem
  • 1 view
Kenrig
Kenrig
more options

When I used an old version of firefox(v42 as this is an application requirement) the session gets expired immediately after I login with my credentials when secure flag is set in my application(since I am accessing the site through http and not https).

When I inspected the developer console I can see that a new session is created every time. I believe this is the expected behavior since the cookie won't be valid in case of http requests. This doesn't happen in the case of modern versions of firefox. Why is this so? Is this because I am accessing the site on localhost?

When I used an old version of firefox(v42 as this is an application requirement) the session gets expired immediately after I login with my credentials when secure flag is set in my application(since I am accessing the site through http and not https). When I inspected the developer console I can see that a new session is created every time. I believe this is the expected behavior since the cookie won't be valid in case of http requests. This doesn't happen in the case of modern versions of firefox. Why is this so? Is this because I am accessing the site on localhost?
Attached screenshots

Modified by Kenrig