Cannot send secure cookie over unencrypted connection

Given a following code:

import Cookies from "cookies"

export function setSessionTokenCookie(cookie: Cookies, token: string, expiresAt: Date): void {
  cookie.set("sessionId", token, {
    secure: process.env.NODE_ENV === "production", // <-- this is important
    expires: expiresAt,
    sameSite: "lax",
    httpOnly: true,
    path: "/",
  })
}

import Cookies from "cookies"

export function setSessionTokenCookie(cookie: Cookies, token: string, expiresAt: Date): void {
  cookie.set("sessionId", token, {
    secure: process.env.NODE_ENV === "production", // <-- this is important
    expires: expiresAt,
    sameSite: "lax",
    httpOnly: true,
    path: "/",
  })
}

When I deploy the app to a domain that was bought from Cloudlfare which has already HTTPS enabled. I will get the following error Cannot send secure cookie over unencrypted connection when trying to return the cookie from the server to the client.

1 Reply

predragnikolicOP•3mo ago

As I said the Cloudflare domain is server over HTTPS I saw this Domains tab and I can see HTTP there, Trying to enable it to HTTPS and specifing LETs encrypt will result in the domain not being available. (opening the domain will just display a unavailable site)

Gaming

Programming

Cannot send secure cookie over unencrypted connection

Did you find this page helpful?