The most popular library for cookie management in Node.js is the appropriately
named cookie package. As of version
0.3.1 it supports the SameSite attribute, and as of version 0.4.0 it supports
the None value.
// Set a same-site cookie for first-party contexts
response.cookie('cookie1', 'value1', { sameSite: 'lax' });
// Set a cross-site cookie for third-party contexts
response.cookie('cookie2', 'value2', { sameSite: 'none', secure: true });If you are depending on an earlier version, you will need to send the
Set-Cookie header directly using
response.setHeader().
Remember, calling this will overwrite anything you may have set earlier in the
process so you will need to set all your cookies here.
response.setHeader('set-cookie', [
'cookie1=value1; SameSite=Lax',
'cookie2=value2; SameSite=None; Secure',
]);