On 03/29/2013 01:55 AM, Ron Monzillo wrote:
> Specifies whether any session tracking cookies created
> by this web application will be marked as secure. When true,
> all session tracking cookies must be marked as secure independent
> of the nature of the request that initiated the corresponding session.
> When false, the session cookie should only be marked secure if the
> request that initiated the session was secure.
I am not convinced this is the best behavior, but since it's a very
minor concern +1.
Rémy