Reputation: 573
So in my app.js file I have this:

    app.use(session({secret: 'mySecret', resave: false, saveUninitialized: false}));

This works fine but comes up with a warning:
Cookie “connect.sid” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To learn more about the “sameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Cookies
Then it will randomly stop working. If I change session to this:

    app.use(session({secret: 'mySecret', resave: false, saveUninitialized: false, sameSite: true, cookie: {secure: true}}));

it becomes undefined.
I am trying to save 2 different IDs: req.session.qrID and req.session.visitID.
It is used in a number of post requests. What can I do to make this work?
Upvotes: 4
Views: 4378
Reputation: 182
I've just googled this warning I saw in the console and got here LOL. It's actually related to the express-session cookie cross-site policy that is set; more info here under cookie.sameSite: http://expressjs.com/en/resources/middleware/session.html
I got rid of mine by setting it to strict, but you can also set it to none if you want.

    app.use(
      session({
        secret: process.env.SESSION_SECRET!,
        resave: false,
        saveUninitialized: false,
        cookie: { sameSite: 'strict' },
      }),
    );

Upvotes: 9
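
An added example, not code from either poster or from express-session: a small audit function run over the three option objects in this thread, showing which cookie settings trigger the browser warning and which one leaves the session empty. The function name, the finding labels and the `servedOverHttps` flag are hypothetical, and the run assumes the app is reached over plain HTTP, which the thread does not state.

```javascript
// Added example: audits express-session options for the cookie issues in this thread.
// `servedOverHttps` is an assumption supplied by the caller, not something
// express-session exposes: true when the browser reaches the app over HTTPS.
function auditSessionOptions(opts, servedOverHttps) {
  const findings = [];
  const cookie = opts.cookie || {};

  // SameSite is read from opts.cookie only; a top-level key has no effect.
  if ('sameSite' in opts) findings.push('top-level-sameSite-ignored');

  // true maps to Strict; unset or false means no SameSite attribute is sent.
  const raw = cookie.sameSite;
  const sameSite = raw === true ? 'strict'
    : typeof raw === 'string' ? raw.toLowerCase() : null;
  if (sameSite === null) findings.push('no-SameSite-attribute');
  else if (!['strict', 'lax', 'none'].includes(sameSite)) findings.push('invalid-SameSite-value');

  // Browsers reject SameSite=None cookies that lack Secure.
  if (sameSite === 'none' && cookie.secure !== true) findings.push('SameSite-None-without-Secure');

  // With secure: true the cookie is not set on plain HTTP, so each request
  // starts a new session and req.session.qrID / visitID read as undefined.
  if (cookie.secure === true && !servedOverHttps) findings.push('secure-cookie-on-plain-http');

  return findings;
}

// Constructed inputs: the three option objects from the thread, with the
// secret replaced by a placeholder.
const base = { secret: 'PLACEHOLDER', resave: false, saveUninitialized: false };
const configs = {
  questionFirst: { ...base },
  questionSecond: { ...base, sameSite: true, cookie: { secure: true } },
  answer: { ...base, cookie: { sameSite: 'strict' } },
};

function auditAll(servedOverHttps) {
  const report = {};
  for (const [name, opts] of Object.entries(configs)) {
    report[name] = auditSessionOptions(opts, servedOverHttps);
  }
  return report;
}

console.log(auditAll(false));
```

If TLS terminates at a reverse proxy, express-session only treats the connection as secure once Express's "trust proxy" setting is enabled.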