How to set Load Balancer sticky session's cookie to httponly and secure

Load Balancer’s cookie for sticky session setting is by default httponly false and secure false. How to change both properties to true?

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Is there any answer to this question? Security reports pick up Cookies as not having the secure flag set. We don’t use HTTP on the load balancers, these are set to redirect to HTTPS. It would be useful if there were an option to set a Cookie’s secure, httpOnly and SameSite attributes.

I have same question…