Secure cookies in http mode

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
abatie
Posts: 44
Joined: Thu Aug 07, 2014 12:02 pm

Secure cookies in http mode

Postby abatie » Thu Oct 12, 2017 12:45 am

I'm playing with a development cluster (8.7.11_GA_1854_RHEL7_64) and trying to set it to http mode for testing. I seem to be able to get it into http mode, however, when logging in, it sends a cookie with the Secure attribute:

Set-Cookie: ZM_TEST=true;Secure

As a result, the browser refuses to send the cookie back and the login page pops up a warning that I have cookies disabled. How do I get it to actually work in http mode?

To some extent, I'm glad it's proving very difficult to get it to work insecurely, but it's nuisance in a test environment...


Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 29 guests