最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客

javascript - How do I use cookies in express session - connect.sid will soon be rejected - Stack Overflow

programmeradmin8浏览0评论

So in my app.js file I have this: app.use(session({secret: 'mySecret', resave: false, saveUninitialized: false}));

This works fine but es up with a warning:

Cookie “connect.sid” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To learn more about the “sameSite“ attribute, read

Then it will randomly stop working. If I change session to this: app.use(session({secret: 'mySecret', resave: false, saveUninitialized: false, sameSite: true, cookie: {secure: true}}));it bees undefined.

I am trying to save 2 different id's: req.session.qrID and req.session.visitID;

It is used in a number of post requests. What can I do to make this work?

So in my app.js file I have this: app.use(session({secret: 'mySecret', resave: false, saveUninitialized: false}));

This works fine but es up with a warning:

Cookie “connect.sid” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To learn more about the “sameSite“ attribute, read https://developer.mozilla/docs/Web/HTTP/Cookies

Then it will randomly stop working. If I change session to this: app.use(session({secret: 'mySecret', resave: false, saveUninitialized: false, sameSite: true, cookie: {secure: true}}));it bees undefined.

I am trying to save 2 different id's: req.session.qrID and req.session.visitID;

It is used in a number of post requests. What can I do to make this work?

Share Improve this question asked May 25, 2020 at 8:59 imatworkimatwork 5738 silver badges16 bronze badges
Add a ment  | 

1 Answer 1

Reset to default 9

I've just googled this warning i saw in the console and got here LOL. It's actually related to express session cookie cross site policy that is set, more info here under cookie.sameSite http://expressjs./en/resources/middleware/session.html

I got rid of mine by setting it to strict but you can also set it to none if you want

app.use(
session({
    secret: process.env.SESSION_SECRET!,
    resave: false,
    saveUninitialized: false,
    cookie: { sameSite: 'strict' },
  }),
);
发布评论

评论列表(0)

  1. 暂无评论