change the "secure" and "httpOnly" attributes of the session "cookie-agreed" and "cookie-agreed-version"

Created on 10 January 2023, over 1 year ago

Updated 9 May 2024, about 2 months ago

I need to change the "secure" and "httpOnly" values of the cookies, as I am getting a vulnerability error "CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute".
I have tried from the settings.php using the following code:
ini_set('session.cookie_secure', 1);
However it didn't work, I also tried with some modules but it didn't work either.

✨ Feature request

Status

Active

Version

1.0

Component

Code

Created by

LeJuanChis

Live updates comments and jobs are added and updated live.

Eu Cookie Compliance

Incomplete comments

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment 9 months ago →
🇳🇴Norway svenryen
I'll assume this report concerns 8.x-1.x.
Comment about 2 months ago →
La19913
Does anyone have an idea about this issue? i use drupal 10 and the module eu cookie compliance

contrib.social Blog FAQ Discussions

Production build 0.69.0 2024