See, for example the CGI documentation, if you are using CGI to send your cookies. If you use something else to send your cookies, you will have to look at that documentation for how to add the flag to the cookie header line.