edgedb-js
edgedb-js copied to clipboard
In the auth helper libraries, we are not setting `Secure` on the session cookie when possible
We should conditionally set the Secure
cookie attribute in all of the auth helper libraries for the session token to ensure they are not accessible in non-TLS HTTP sessions.