What are “signed” cookies in connect/expressjs?

Question

I am trying to figure out what \"signed cookies\" actually are. There isn\'t much on the net, and if I try this:

app.use(express.cookieParser(\'A secret\'));         


        

Answer 1

I have been searching pretty extensive for a good answer to this... And looking at the source code of cookie-signature, that is used by cookie-parser to sign the signed cookies have given me a better understanding of what a signed cookie is.

val is of course the value of the cookie, and secret is the string you add as option to cookie-parser

https://github.com/visionmedia/node-cookie-signature/blob/master/index.js#L16