When I've defined a cookie as HttpOnly, that cookie disappears from request.state after the server restarts. This doesn't seem to be part of the HttpOnly spec. Is there a way around this in HapiJS?
// cookie definition
server.state('my_cookie', {
ttl: YEAR_IN_MS,
isSecure: false,
isHttpOnly: true,
encoding: 'base64json',
clearInvalid: false,
strictHeader: true,
path: '/'
}
server.ext('onPreResponse', function(request, reply) {
console.log(request.state.my_cookie) // returns undefined after server restart
reply.continue()
})
via dyer
No comments:
Post a Comment