From c5d21025c475d6d52de3a2abeb0bf04bb33591f3 Mon Sep 17 00:00:00 2001
From: Jeremy Benoist <jeremy.benoist@gmail.com>
Date: Wed, 6 Sep 2023 12:14:29 +0200
Subject: [PATCH] Force secure cookie on HTTPS connection

---
 app/config/config.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/config/config.yml b/app/config/config.yml
index 04607b68c..2155a2017 100644
--- a/app/config/config.yml
+++ b/app/config/config.yml
@@ -29,6 +29,7 @@ framework:
         # handler_id set to null will use default session handler from php.ini
         handler_id: session.handler.native_file
         save_path: "%kernel.project_dir%/var/sessions/%kernel.environment%"
+        cookie_secure: auto
     fragments: ~
     http_method_override: true
     assets: ~