Use Secure cookie attribute (http)

[ja-pt]

Is your feature request related to a problem? Please describe.
We scan our servers with Greenbone (OpenVAS) and the report says that Syspass doesnt set the secure cookie attribute.

Describe the solution you'd like
Described in https://owasp.org/www-community/controls/SecureCookieAttribute

[zezar98]

I think the current implementation is fine, as let us test even in http if we need.

But for production the client must force the server to use https, no point to have a password manager if you access it by http.

This is the documentation from php about that setting:

secure
If true cookie will only be sent over secure connections.