The __Host prefix mitigates cookie injection vulnerabilities within potential third-party software sharing the same second level domain. It is an additional hardening on top of ‘normal’ same-site cookies.
HI I tried the method in the forum, the error is also displayed, and there is only A but not A+, does anyone have a better suggestion?
‘overwriteprotocol’ => ‘https’,
Header edit Set-Cookie ^(.*)$ “$1;HttpOnly;Secure;SameSite=Strict”
The test, and also the messages in the admin interface, they are not always hard error messages where something is really broken, often these are warnings and tips what you can do better but it doesn’t apply in all cases.