pierrejeambrun opened a new issue, #47878: URL: https://github.com/apache/airflow/issues/47878
### Body Use another way to check weather or not we need to use `secure` cookie. When TLS is enabled cookies should be secured, when it's not enabled it should not. (Otherwise auth will fail and other cookie based workflow too). Currently we check the config for a certificate to decide that, but most of the time a proxy handles the TLS termination so we should maybe also check `request.secure` or something related to proxy headers forwarding. More context here: https://github.com/apache/airflow/pull/47859#issuecomment-2729487918 ### Committer - [x] I acknowledge that I am a maintainer/committer of the Apache Airflow project. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
