--- a/pyramid_cubicweb/auth.py	Fri Aug 07 11:52:08 2015 +0200
+++ b/pyramid_cubicweb/auth.py	Fri Aug 07 11:59:07 2015 +0200
@@ -144,7 +144,9 @@
                     'hashalg': 'sha512',
                     'cookie_name': 'auth_tkt',
                     'timeout': 1200,
-                    'reissue_time': 120
+                    'reissue_time': 120,
+                    'http_only': True,
+                    'secure': True
                 },
                 prefix=session_prefix,
                 **settings
@@ -158,7 +160,9 @@
                     'hashalg': 'sha512',
                     'cookie_name': 'pauth_tkt',
                     'max_age': 3600*24*30,
-                    'reissue_time': 3600*24
+                    'reissue_time': 3600*24,
+                    'http_only': True,
+                    'secure': True
                 },
                 prefix=persistent_prefix,
                 **settings