How to set Secure attribute to Set-cookie in Nginx through nginx.conf file

Remember to do add SameSite=none as well:

location /foo {    proxy_pass http://localhost:4000;    proxy_cookie_path /foo "/; SameSite=None; HTTPOnly; Secure";}

Sources:

1. https://web.dev/samesite-cookies-explained/
2. https://stackoverflow.com/a/56514484/1561922

I had a look at this article https://geekflare.com/httponly-secure-cookie-nginx/

In order to use set_cookie_flag HttpOnly Secure; you need to build nginx from sources and while adding the path of the secure cookie additional module --add-module=/path/to/nginx_cookie_flag_module.

If you don't want to build nginx from sources, you can add only proxy_cookie_path / "/; HTTPOnly; Secure"; to your configuration.

Following the article, it should be enough.

Another alternative option is to:

1. Go to this directory: "/etc/nginx/conf.d".

2. Create an empty text file by the name of ssl.conf (As you see There is example_ssl.conf there).

3. Add the below syntax in ssl.conf (or default.conf):

   server { proxy_cookie_path / "/; HTTPOnly; Secure";}

   note that the whole path "/" will be replaced. For example the directive "proxy_cookie_path /two/ /;" will rewrite “path=/two/one/uri/” to “path=/one/uri/”.

4. Open /etc/nginx/nginx.conf and add following command:

   include /etc/nginx/conf.d/ssl.conf

5. Restart the Nginx to see the results.