diff --git a/htagweb/runners.py b/htagweb/runners.py
index 27151a1..ea6c2cb 100644
--- a/htagweb/runners.py
+++ b/htagweb/runners.py
@@ -70,7 +70,7 @@ async def __call__(self, scope: Scope, receive: Receive, send: Send) -> None:
             uid = str(uuid.uuid4())
 
         security_flags = "httponly; samesite=none"
-        if connection.url.scheme == "https":  # Secure flag can be used with HTTPS only
+        if connection.url.scheme in ["https","wss"]:  # Secure flag can be used with HTTPS only
             security_flags += "; secure"
 
         #!!!!!!!!!!!!!!!!!!!!!!!!!!!