'Nginx remove Secure Flag to Cookies from proxied server
I'm using Nginx as a reverse proxy server. Is it possible to Remove the "secure" flag to the cookies somehow using Nginx? Modifying the path is possible so I guess it's also possible to modify cookie.
Solution 1:[1]
An imperfect method:
proxy_cookie_path "~*^(.*?)$" $1\nX-User-Value:;
Solution 2:[2]
I know this is quite old question, but there is no answer here and I couldn't find fine solution for the same problem.
So I forked nginx_cookie_flag_module module and changed it to nginx_unsecure_cookie_module:
https://github.com/yumauri/nginx_unsecure_cookie_module
I'm frontend developer, my C/C++ knowledges are super low, but looks like it is working in my tests :) So I reckon it is good enough for development reasons.
Solution 3:[3]
Since nginx 1.19.3 you can use http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cookie_flags. For example:
proxy_cookie_flags some_cookie nosecure;
To remove the Secure flag from all cookies:
proxy_cookie_flags ~ nosecure;
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | wangcj |
| Solution 2 | yumaa |
| Solution 3 | kszafran |