[BUG] CSRF - Set-Cookie with secure flag

As mentioned on Github issue, there is bug with CSRF token with Set-Cookie secure flag.