Using nginx to do the reverse proxy, the background is always not receive session, found a Secure cookie properties, said this attribute will make the client access at the time of sending a request, if it is HTTP, will not bring cookies, but I don't know how to cancel this property,

CodePudding user response:

Meet the same problem, check the website manual, after 1.19.3 version, can use proxy_cookie_flag implementation,

Proxy_cookie_flags ~ nosecure;

This said to remove all the cookies in the secure properties, close test are available,

Syntax: proxy_cookie_flags off | cookies/flag... ;
Default:
Proxy_cookie_flags off;
Context: HTTP server, the location
This directive appeared in version 1.19.3.

Sets one or more flags for the cookie. The cookie can contain text, variables, and their combinations, the secure, httponly, samesite=strict, samesite=lax, samesite=none the parameters to the add the corresponding flags. The nosecure, nohttponly, nosamesite parameters remove the corresponding flags.

The cookie can also be specified using regular expressions. In this case, The cookie should start from The "~" symbol.

Several proxy_cookie_flags directives can be specified on the same configuration level:

Proxy_cookie_flags one httponly;
Proxy_cookie_flags ~ nosecure samesite=strict;
If several directives can be applied to the cookie, the first matching directive will be feature. In the example, the httponly flag is added to the cookie, one for all other cookies the samesite=strict flag is added and the secure flag is does.

The off parameter cancels The effect of The proxy_cookie_flags directives inherited from The previous configuration level.