FELIX-5099 JSESSIONID Cookie in HTTPS Session Without 'Secure' and ‘HttpOnly’ Attributes Applying patch on behalf of Antonio Sanso with many thanks!