Hi all,
by default only for “session_id” httponly has been enabled
how to enable it for all the remaining cookies in the frappe ?
Managed to get it working on kubernetes using Annotations - Ingress-Nginx Controller
Added following annotation on ingress.
...
annotations:
nginx.ingress.kubernetes.io/configuration-snippet: |
proxy_cookie_flags ~ secure httponly;
...
Translate the nginx config to your setup.