I have one server that handles requests from the web and apps.
And the server issues cookies that the web and apps will use for authentication.
But there is a problem here.
The web, unlike apps, has a domain, and there are relatively new options for cookies, such as "same site".
In addition, there are various options such as domain, secure, httpOnly, and path.
At this point, how do you set appropriate cookies for your app and web?
For example, the app doesn't have a domain, so I don't think the app needs the "same site" option.
How do I properly handle cookies in my app?
[cookie options - express.js]
httpOnly,
maxAge,
signed,
secure,
domain,
sameSite,
path,
Thank you!
Aucun commentaire:
Enregistrer un commentaire