It is our intention to add the
secure flag to the WarwickSSO cookie that's scoped over
.warwick.ac.uk. This would mean that if you were accessing a page over HTTP (e.g. http://myserver.warwick.ac.uk) modern browsers would not send the WarwickSSO cookie so it would not be possible to use this for authentication.
Please let us know if this would cause a problem for your services. Unless we receive a request to delay, it is our intention to start setting the secure flag from
Monday 3rd December 2018.
Update (26/11/18): This change has now been rescheduled for Monday 15th April 2019