After looking up secure cookies, it would appear you have to be on a secure server to use them (and use https for calls).

secure server? https? No, thats not secure cookies -- sure it enhances "secure cookies" but not a requirement