session
session copied to clipboard
Simple session middleware for Express
Browsers consider localhost to be a secure origin (i.e. see https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies). express-session does not. This means for my local configuration, I need to disable the Secure flag, which has other...
When running the tests on latest (v1.17.3) I get: ``` ... 124 passing (3s) 1 failing 1) session() req.session .cookie .secure should set cookie when secure: Error: error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key...
Fixes #888 Replaced the usage of undocumented HTTP API with its implementation instead (bringing about **_some_*** http2 support). There is no change to the existing behavior. This is similar to...
Refs #905
Why? The scope calling regenerate (or reload) does not necessarily want or need to know what a `req` is. Passing the new session object as a callback parameter allows the...
In the environment where I'm using `express-session`, sometimes the session is set to `{}`. That causes this library to crash, because upon session load/creation it is currently only checking if...
When I reconfigured session storage to share cookie/session between subdomains (added {domain: ".domain.com"} I have encountered on multiple time the issue where user ended up with old and new session...
Hi, cookie has recently been released to allow for users to set the priority cookie (https://github.com/jshttp/cookie/issues/138). This is important to set for session cookies due to the corresponding issued log...
- Fixes #898
- I maintain an express/session store and the other day I got someone's contribution that makes calling the `function destroy`'s callback optional: https://github.com/TimDaub/better-sqlite3-session-store/pull/10 - So I looked into https://github.com/expressjs/session#session-store-implementation because...