-
Notifications
You must be signed in to change notification settings - Fork 569
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: disable cookie by default and add sameSite attribute
The cookie might be used for sticky-session, but is not mandatory so it makes sense to disable it by default. The change also add a SameSite=Lax attribute by default. Breaking change: the syntax has changed from ``` new Server({ cookieName: "test", cookieHttpOnly: false, cookiePath: "/custom" }) ``` to ``` new Server({ cookie: { name: "test", httpOnly: false, path: "/custom" } }) ``` All other options (domain, maxAge, sameSite, ...) are now supported. Reference: https://github.com/jshttp/cookie#options-1
- Loading branch information
1 parent
31ff875
commit a374471
Showing
3 changed files
with
80 additions
and
56 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters