Update the default cookie_secure value

The default and special `cookie_secure` value should be `'auto'`, not `null`.

Author: tamcy

reference/configuration/framework.rst

@@ -1589,10 +1589,10 @@ The possible values for this option are:
 cookie_secure
 .............
 
-**type**: ``boolean`` or ``null`` **default**: ``null``
+**type**: ``boolean`` or ``'auto'`` **default**: ``'auto'``
 
 This determines whether cookies should only be sent over secure connections. In
-addition to ``true`` and ``false``, there's a special ``null`` value that
+addition to ``true`` and ``false``, there's a special ``'auto'`` value that
 means ``true`` for HTTPS requests and ``false`` for HTTP requests.
 
 cookie_httponly