Since version 1.19.3 nginx supports proxy_cookie_flags, use it!
The Nginx module for removing "Secure" cookie flag
- 1.11.x (last tested: 1.11.2)
Earlier versions is not tested.
- Clone the git repository.
git clone git@github.com:yumauri/nginx_unsecure_cookie_module.git
-
Add the module to the build configuration by adding
--add-module=/path/to/nginx_unsecure_cookie_module
or--add-dynamic-module=/path/to/nginx_unsecure_cookie_module
-
Build the nginx binary.
-
Install the nginx binary.
location / {
unsecure_cookie Secret;
unsecure_cookie *;
unsecure_cookie SessionID;
unsecure_cookie SiteToken;
}
This module for Nginx removes flag "Secure" from cookies in the "Set-Cookie" upstream response headers. It is possible to set a default value using symbol "*". In this case "Secure" flag will be removed from all cookies.
- | - |
---|---|
Syntax | unsecure_cookie <cookie_name|*>; |
Default | - |
Context | server, location |
Description: Removes "Secure" flag from desired cookie.
If you want to have Docker image with this module, you can take this snippet as starting point.
Or, take this Docker image, made by Brice Vandeputte, at your own risk.
Author of original module nginx_cookie_flag_module is
Anton Saraykin [Airisenator@gmail.com]
I just put my dirty hands on his code :)