The Secure flag indicates that a cookie may only be transmitted to the server via HTTPS, never via HTTP.