[github.com/openshift/origin] Insecure cookies in Openshift Origin

In Openshift Origin the cookies being set in console have no ‘secure’, ‘HttpOnly’ attributes.

References

• https://nvd.nist.gov/vuln/detail/CVE-2015-3207
• https://github.com/openshift/origin/pull/2261
• https://github.com/openshift/origin/pull/2291
• https://bugzilla.redhat.com/show_bug.cgi?id=1221882
• https://github.com/advisories/GHSA-rqph-25q9-9jhp