|
|
|
|
|
|
by amitamb
4715 days ago
|
|
|
I haven't tested it fully but what if https is running on different port i.e. 443 (It is possible.) I believe marking cookie secure will only save you from MITM attack, not from attacks where ports are shared in a domain. i.e. cookies will be sent over https only but to a compromised port. |
|
|