Securing Redmine session cookie: _redmine_session
I´m using Redmine 2.1.4 and I need to configure the redmine cookie with the flag "secure".
In the config file: /config/application.rb the session store it´s configured:
config.session_store :cookie_store, :key => '_redmine_session'
It´s possible to configure something like this?:
config.session_store :cookie_store, :key => '_redmine_session', :secure => true
I'm using Redmine 2.6.0 and your example is working fine for me!
This approach is not universal. For example, after setting this option one won't be able to access redmine via http://localhost url.
RE: Securing Redmine session cookie: _redmine_session - Added by Ismael Morales Alcaide about 3 years ago
with Redmine 2.6.5 the problem continues. Same in Secure cookie not working