5 replies

cross-site cookie in express

I see past issues with cross domain cookies am not sure if a resolution was reached

i've resorterd to disabing secure cookies to work around this

  advanced: {
    useSecureCookies: false,
  },

  advanced: {
    useSecureCookies: false,
  },

I remember when i faced the same in anoter epress app and ended up handling it like this

const refreshCookieOptions: CookieOptions = {
  httpOnly: true,
  secure: true,
  sameSite: "none",
  path: "/",
  expires: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000), // expires in 7 days
  maxAge: 7 * 24 * 60 * 60, // expires in 7 days
} as const;

const accessTokencookieOptions: CookieOptions = {
  httpOnly: true,
  secure: true,
  sameSite: "none",
  path: "/",
  expires: new Date(Date.now() + 12 * 60 * 1000), // expires in 12 minutes
  maxAge: 12 * 60, // expires in 12 minutes
} as const;

const refreshCookieOptions: CookieOptions = {
  httpOnly: true,
  secure: true,
  sameSite: "none",
  path: "/",
  expires: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000), // expires in 7 days
  maxAge: 7 * 24 * 60 * 60, // expires in 7 days
} as const;

const accessTokencookieOptions: CookieOptions = {
  httpOnly: true,
  secure: true,
  sameSite: "none",
  path: "/",
  expires: new Date(Date.now() + 12 * 60 * 1000), // expires in 12 minutes
  maxAge: 12 * 60, // expires in 12 minutes
} as const;

cross-site cookie in express

Similar Threads

cross-site cookie in express

Similar Threads

Similar Threads

Similar Threads