So in my app.js file I have this: app.use(session({secret: 'mySecret', resave: false, saveUninitialized: false}));

This works fine but es up with a warning:

Cookie “connect.sid” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To learn more about the “sameSite“ attribute, read

Then it will randomly stop working. If I change session to this: app.use(session({secret: 'mySecret', resave: false, saveUninitialized: false, sameSite: true, cookie: {secure: true}}));it bees undefined.

I am trying to save 2 different id's: req.session.qrID and req.session.visitID;

It is used in a number of post requests. What can I do to make this work?

So in my app.js file I have this: app.use(session({secret: 'mySecret', resave: false, saveUninitialized: false}));

This works fine but es up with a warning:

Cookie “connect.sid” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To learn more about the “sameSite“ attribute, read https://developer.mozilla/docs/Web/HTTP/Cookies

Then it will randomly stop working. If I change session to this: app.use(session({secret: 'mySecret', resave: false, saveUninitialized: false, sameSite: true, cookie: {secure: true}}));it bees undefined.

I am trying to save 2 different id's: req.session.qrID and req.session.visitID;

It is used in a number of post requests. What can I do to make this work?

• javascript
• node.js
• express
• session
• cookies

1 Answer 1

I've just googled this warning i saw in the console and got here LOL. It's actually related to express session cookie cross site policy that is set, more info here under cookie.sameSite http://expressjs./en/resources/middleware/session.html

I got rid of mine by setting it to strict but you can also set it to none if you want

app.use(
session({
    secret: process.env.SESSION_SECRET!,
    resave: false,
    saveUninitialized: false,
    cookie: { sameSite: 'strict' },
  }),
);