The browser will never send secure cookies with requests that are not encrypted . With Flask, you can control the secure flag on the session cookie with the SESSION_COOKIE_SECURE configuration setting. By default, it is set to False , which makes the session cookie available to both HTTP and HTTPS connections.
Are Flask cookies secure?
The browser will never send secure cookies with requests that are not encrypted . With Flask, you can control the secure flag on the session cookie with the SESSION_COOKIE_SECURE configuration setting. By default, it is set to False , which makes the session cookie available to both HTTP and HTTPS connections.