Starting in v19, 4D web server now enables the "Secure" attribute by default in the response cookie unlike in previous versions.

v19:


v18:


While some browsers can set secure cookies over insecure channels like HTTP, not all client apps may be able to set this attribute and send a secure cookie back to the server. In this case, this may case 4D REST login errors and it would be highly recommended to set up a HTTPS server instead to resolve this issue.