Comments (13)
Ah, nevermind. The issue that I am trying to fix is with a project that doesn't use Pouchdb session, but still uses express-session. I checked in my node_modules for that package, but I couldn't find it. Thank you though!
from session.
I did some playing around while investigating Wingysam/Christmas-Community#17 and it appears that the cookie options aren't respected at all. Not even the default options are being applied, so we just set the cookie with 0 options (including no path)
Further investigation revealed that the issue that I was running into lies within a different library that was being used, causing the conversion of the cookie object to a normal object
from session.
@frostyfrog Which library was giving you this problem?
from session.
Pouchdb session. They have a 4y old issue on the problem over here:
solzimer/session-pouchdb-store#2
from session.
This is happening to me too!
The default one is applied! I'm using the session with Mongo store as well, and no matter the changes to the options is always the same result!
from session.
Same here. @m-a-h1 were you able to sort this?
from session.
Same here.
from session.
Someone needs to provide a reproducable example we can run and see the issue or please make a PR. I cannot reproduce the issue so far just guessing at what the code should be to have the issue.
from session.
@dougwilson In my case I have this code
const options = {
secret: process.env.SESSION_SECRET,
resave: false,
saveUninitialized: true,
store: new MongoStore({ mongooseConnection: mongoose.connection, collection: 'session' }),
cookie: { secure: false },
};
if (isProd) {
options.cookie.secure = true;
}
Let me know if something is wrong
from session.
Hi @t-araujo nothing aeems wrong with that. What kind of problem are you having with that code?
from session.
@dougwilson The problem is the secure flag is not set in the requests. no matter what code I do even if I remove the IF and set secure = true
in the options object!
from session.
Hi @t-araujo interesting. The test suite and my own apps don't seem to have an issue. I wonder, is your app behind a proxy? If it is, have you set up the proxy stuff from https://github.com/expressjs/session?tab=readme-ov-file#cookiesecure or https://github.com/expressjs/session?tab=readme-ov-file#proxy ?
Otherwise I am not sure why it is not qorking for you. If you can perhaps provide a simple app that I can copy and paste and run and provide instructions for how you are calling it I can replicate and see the issue, I can debug it. You are also welcome to debug and determine a fix and make a PR. If you have other ideas for how to move forward different from those, I am happy to hear them too!
from session.
Related Issues (20)
- When Run frontend and backend in diff domain it not working HOT 2
- Undefined session object with apollo v4 express and express-session HOT 1
- Regenerated session is re-saved even if not modified since save HOT 1
- Allow for sessions to be shared between subdomains. HOT 1
- Invalid argument type express-session "1.17.3" and redis "4.6.7", HOT 1
- Request session destroy does not always resolve before returning HOT 1
- TypeError: Cannot read properties of undefined (reading 'reload') HOT 4
- [FEATURE REQUEST] Session Async Methods
- `SESSION.DESTROY()` DOES NOT DELETE SESSION. HOT 7
- A `destroy`ed session is still `touch`ed HOT 1
- [Feature Request] Support of phasing out third-party cookies HOT 16
- req.sessionStore.all with typescript bug? HOT 7
- Don't `Set-Cookie` for static/public files? HOT 2
- Issue HOT 1
- Can't set partitioned cookie even though I updated all of the package HOT 6
- 'sha1' hash algorithm used at index.js is unsafe HOT 3
- Any good ways to refresh database data with a session? HOT 4
- Get session object from `req.session` outside of request context HOT 3
- express session is failing because session is undefined HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from session.