why are there some applications written where SSL is manually set?
What do you mean by that? A web app may or may not use SSL, but it needs to be enabled for the server to begin with.
Whether or not some cookie is set as secure is independent of whether an app implements SSL. Obviously, if the app does not use SSL, then setting the cookie as secure will not work.