Comments (6)
Not sure if I should suggest the pull request for this feature. Is this repository about only cookie-based sessions?
No, that is cookie-sessions. This is a generic session middleware that has to be hooked into a session store. (please don't use memory store, for your own good.)
.. so, you can make a PR if you'd like. :)
from session.
Well, this is a generic one got web requests using Cookies. This has been brought up a few times and the answer is it just don't fit in.
there are some restrictions with fetching them in JavaScript
this module simply hides them from javascript access by default. have you tried the following?
app.use(session({
secret: 'keyboard cat'
, cookie: { httpOnly: false } // allow JavaScript access to cookie
}))
from session.
Yes, tried this. But removing httpOnly
mark is not enough when using AJAX requests. I still had problems with xhr.getResponseHeader('Set-Cookie')
. As I can see, it's restricted by latest XMLHttpRequest Level 1 draft
Returns the header field value from the response of which the field name matches header, unless the field name is Set-Cookie or Set-Cookie2.
from session.
@detonator anything that is in Set-Cookie
will automatically become part of document.cookie
after the request completes, no?
from session.
@dougwilson nope, document.cookie
returns cookies for current domain. Some of my requests are performed via CORS
with pre-flight. So the only place where I can fetch session ID is in the AJAX request callback.
from session.
Oh, you didn't mention CORS :) Yes, you cannot access cookies from another domain no matter what (also, this is the reason you cannot read Set-Cookie
headers ;) ). Send your PR and I can mull it over. I see you just have a fork, so it should be easy, haha.
from session.
Related Issues (20)
- Undefined session object with apollo v4 express and express-session HOT 1
- Regenerated session is re-saved even if not modified since save HOT 1
- Allow for sessions to be shared between subdomains. HOT 1
- Invalid argument type express-session "1.17.3" and redis "4.6.7", HOT 1
- Request session destroy does not always resolve before returning HOT 1
- TypeError: Cannot read properties of undefined (reading 'reload') HOT 4
- [FEATURE REQUEST] Session Async Methods
- `SESSION.DESTROY()` DOES NOT DELETE SESSION. HOT 7
- A `destroy`ed session is still `touch`ed HOT 1
- cookie options won't get set HOT 13
- [Feature Request] Support of phasing out third-party cookies HOT 16
- req.sessionStore.all with typescript bug? HOT 7
- Don't `Set-Cookie` for static/public files? HOT 2
- Issue HOT 1
- Can't set partitioned cookie even though I updated all of the package HOT 6
- 'sha1' hash algorithm used at index.js is unsafe HOT 3
- Any good ways to refresh database data with a session? HOT 4
- Get session object from `req.session` outside of request context HOT 3
- express session is failing because session is undefined HOT 2
- Type 'RequestHandler<ParamsDictionary, any, any, ParsedQs, Record<string, any>>' is not assignable to type 'Type<any> | DynamicModule | Promise<DynamicModule> | ForwardReference<any>'. HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from session.