Use secure flag for cookies

Using insecure cookies is insecure, part of [defense in depth](https://en.wikipedia.org/wiki/Defense_in_depth_(computing)).
https://github.com/kiesraad/abacus/blob/8746f80a132fbdae5fa4745fa0f389460610bb87/backend/src/api/middleware/authentication/mod.rs#L25-L26

Requires TLS.
_Note: clicked the wrong template, but adding TLS might be an Epic._

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Use secure flag for cookies #2928

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

	/// Only send cookies over a secure (https) connection
	pub const SECURE_COOKIES: bool = false;

Use secure flag for cookies #2928

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions