the property Session.Secure, which value of header is reading and return true/false ? I am asking, because I have the standalone web application behind of Nginx/haproxy and when I change to SSL(https), always Session.Secure returns false.
With proxy the session has no idea that it’s secure.
If it is only to rewrite any header value, this is possible from the nginx. So, the question is how the session gets the idea that the connection is https or http. Through the header request ? And which attribute is reading ?
Well, I would expect that the WebSession either sees requests coming via HTTP or HTTPS.
Ah, there is a CGI Variable called https which is “on” if https is used. Maybe they evaluate that?
I tried … its not working. I found alternative solutions and I will not use the session.secure/. But , if there is any workaround for the session.secure, please write here.