set http only and secure flag for cookies in lighttpd

Question

We are using lighttpd web server in our code base. It is that we need to add SECURE and HTTP ONLY flags for the cookie.

I have gone through many examples but all are related to PHP and some other kanguage. We don't use PHP in our code. Is there anyway that I can get this? Can anything be done in the .conf file like in apache web server.

I have tested apache web server by adding changes in the httpd.conf and checked the packet capture. It worked. But unable to achieve this in lighttpd.

We use C language in the backend.

score 1 · Answer 1 · answered Dec 11 '14 at 12:45

1

Well, To answer my own question.

There is nothing to do with the lighttpd.conf as of httpd.conf for apache.

We are setting the cookie header in a lua file(Kepler). Appending secure to that cookie header fixed the issue.

answered Dec 11 '14 at 12:45

Raghu Srikanth Reddy

2,703
33
29
42

set http only and secure flag for cookies in lighttpd

1 Answers1