-
-
Notifications
You must be signed in to change notification settings - Fork 3.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hard to set cookie secure = true
by default
#320
Comments
waiting on #281 and cookies v2 cc @dougwilson |
I'm on it :) Though I think the question could be solved by changing the referenced line 54 to secure = req.protocol === 'https' || req.connection.encrypted for the time being. It would also mean that people wouldn't need to copy their proxy settings over to |
@fengmk2 try the |
don't run the code, but seems like req in cookies is the original http request in node, but the |
@jonathanong We should pass |
@jonathanong but not sure this can work for |
yeah. ideally anything we need is configurable. make suggestions in the cookies repo :) |
should we keep this issue open before |
I found out hard to detect https or http inside my app environment, it deps nginx config, and nginx config out of our controller. |
According https://github.com/expressjs/cookies/blob/master/lib/cookies.js#L54
cookies
module detect secure byreq.connection.encrypted
.And mostly koa app will running behind a reverse proxy(nginx) and detect https from
"X-Forwarded-Proto"
header.Now I must set every cookie with
secure = true
options.Is there a easy way to make secure cookie by default?
The text was updated successfully, but these errors were encountered: