I have following setup for cookie session middleware in my express app:
app.use(
cookieSession({
name: '__session',
keys: [env.COOKIE_SIGNING_SECRET],
maxAge: COOKIE_MAX_AGE,
sameSite: 'none',
httpOnly: true,
secure: false,
signed: true,
})
);When a request is made from client, the response doesn't have Secure attribute in Set Cookie header. Please refer to attached screenshot for more details.
Because of the missing Secure attribute chrome doesn't store the cookie. It works fine in Safari and Firefox. How do i set the value of secure attribute?
Thanks.
I have following setup for cookie session middleware in my express app:
When a request is made from client, the response doesn't have
Secureattribute inSet Cookieheader. Please refer to attached screenshot for more details.Because of the missing
Secureattribute chrome doesn't store the cookie. It works fine in Safari and Firefox. How do i set the value ofsecureattribute?Thanks.