Title: Secure and httponly attribute Last modified: January 10, 2022 --- # Secure and httponly attribute * Resolved [bpevrancken](https://wordpress.org/support/users/bpevrancken/) * (@bpevrancken) * [4 years, 4 months ago](https://wordpress.org/support/topic/secure-and-httponly-attribute/) * Hi, * I like this plugin. It is light-weight, easy and simple to use. * One thing: the cookies generated by this plugin do not carry a secure attribute and/or samesite=lax|strict attribute. Is it possible to modify the code in the plugin so that the browser cookie is sent to the server only when a request is made with the https: scheme? And in addition to enable controls whether or not a cookie is sent with cross-origin requests (samesite attribute)? * Thank you in advance. * Best regards, Bart Vrancken * The page I need help with: _[[log in](https://login.wordpress.org/?redirect_to=https%3A%2F%2Fwordpress.org%2Fsupport%2Ftopic%2Fsecure-and-httponly-attribute%2F%3Foutput_format%3Dmd&locale=en_US) to see the link]_ Viewing 4 replies - 1 through 4 (of 4 total) * Plugin Author [Nikel](https://wordpress.org/support/users/nikelschubert/) * (@nikelschubert) * [4 years, 4 months ago](https://wordpress.org/support/topic/secure-and-httponly-attribute/#post-15241377) * Hi, * in general the plugin sets the sameSite=lax attribute. Can you show me, when it does not set the attribute? * Currently the cookie is set with secure=false and sameSite=lax. At the moment it is not possible to change that. * Can you explain your use case a bit further? * Regards Nikel * Thread Starter [bpevrancken](https://wordpress.org/support/users/bpevrancken/) * (@bpevrancken) * [4 years, 4 months ago](https://wordpress.org/support/topic/secure-and-httponly-attribute/#post-15241485) * Hi * Thank you for your quick reply. I was not entirely clear. * The plugin does indeed set a samesite=lax attribute. But if I want to change the attibute to sameSite=Strict and Secure=True, then this is not possible yet, I understand. Or is it something I can change in the plugin code myself? * Thanks again! * Kind regards, Bart * Plugin Author [Nikel](https://wordpress.org/support/users/nikelschubert/) * (@nikelschubert) * [4 years, 3 months ago](https://wordpress.org/support/topic/secure-and-httponly-attribute/#post-15257589) * Hi [@bpevrancken](https://wordpress.org/support/users/bpevrancken/), * no this is not possible at the moment. Can you explain me why you need this feature? * Regards * Plugin Author [Nikel](https://wordpress.org/support/users/nikelschubert/) * (@nikelschubert) * [4 years, 3 months ago](https://wordpress.org/support/topic/secure-and-httponly-attribute/#post-15281434) * resolved, due to inactivity Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘Secure and httponly attribute’ is closed to new replies. * ![](https://ps.w.org/beautiful-and-responsive-cookie-consent/assets/icon-256x256. png?rev=1959253) * [Beautiful Cookie Consent Banner](https://wordpress.org/plugins/beautiful-and-responsive-cookie-consent/) * [Frequently Asked Questions](https://wordpress.org/plugins/beautiful-and-responsive-cookie-consent/#faq) * [Support Threads](https://wordpress.org/support/plugin/beautiful-and-responsive-cookie-consent/) * [Active Topics](https://wordpress.org/support/plugin/beautiful-and-responsive-cookie-consent/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/beautiful-and-responsive-cookie-consent/unresolved/) * [Reviews](https://wordpress.org/support/plugin/beautiful-and-responsive-cookie-consent/reviews/) * 4 replies * 2 participants * Last reply from: [Nikel](https://wordpress.org/support/users/nikelschubert/) * Last activity: [4 years, 3 months ago](https://wordpress.org/support/topic/secure-and-httponly-attribute/#post-15281434) * Status: resolved