I have two answers for you: official, and unofficial.
Unofficial: The web server behind Tableau Server is apache/httpd - so if you know how to add a header to the httpd config file to make the cookie secure....then "Maybe"? Keep in mind that this would be a completely untested/unsupported configuration and by hacking the httpd.conf file the server itself would not be considered supportable by Technical Support.
Hope this helps.
Thanks Russell, for unofficial solution and the clarification on technical support;
it would save my time to explore more alternates which would not be supported.
I do not see strong reason to keep secure flag as "No" for such cookies, please share if you have some internal thoughts.
Don’t really have anything of value on the “Why does it work this way” or “Could the current behavior be changed” front, sorry.
1 of 1 people found this helpful
versions released after Feb 19 will have the secure flag set for wgsession IDs if the server is configured for SSL