id	summary	reporter	owner	description	type	status	priority	milestone	component	version	resolution	keywords	cc	uname	nginx_version
1701	unable to import module ngx_http_proxy_module to secure cookies	arvindkrbhatt@…		"we are using Nginx running as container but we see cookies/session ids generated are not secure. only few of them seems as secured but others not. we are trying to apply proxy_cookie_path / ""/; HTTPOnly; Secure"";

but we are not sure how to add ngx_http_proxy_module module. this is not available in github.

rather we have used set_cookie_flag HttpOnly secure; with module nginx_cookie_flag_module. 

even then i can't see all cookies are secured."	defect	closed	critical		other	1.8.x	invalid	secure cookies	arvind.kumar.bhatt@…	Linux 0fb24584aa26 4.4.0-112-generic #135-Ubuntu SMP Fri Jan 19 11:48:36 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux 	"nginx version: nginx/1.8.0
built by gcc 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.4)
built with OpenSSL 1.0.1f 6 Jan 2014
TLS SNI support enabled
configure arguments: --add-module=/root/nginx-auth-ldap --add-module=/root/nginx_cookie_flag_module --with-http_ssl_module --with-debug --conf-path=/etc/nginx/nginx.conf --sbin-path=/usr/sbin/nginx --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log 
 
"