Expressjs secure session cookie

Question

I cant seem to find a way to set a secure cookie in expressjs framework. Is there an option to do this somewhere?

Answer 1

Based on the documentation, try this:

res.cookie('rememberme', 'yes', { expires: new Date(Date.now() + 900000), httpOnly: true, secure: true });

Using res.cookie(name, val[, options]) sets the given cookie name to val, with options httpOnly, secure, expires, etc. The path option defaults to the app’s basepath setting, which is typically "/".

See the docs for res.cookie for more details.