Express-session Secure Cookies not working

Question

When not using secure cookie true setting, my app user login works fine. When I enable secure cookies, the login appears to go through fine, but it seems the cookie is not s

Answer 1

My guess is that the actual problem is this:

httpOnly: true

This means that any client-side code cannot access the cookie (through document.cookie), and any XHR ("AJAX") requests that you perform need to explicitly set withCredentials before any cookies will be sent in the request.

It depends on which client-side setup you're using how to do that:

• plain XHR: look at the example code
• fetch: here
• jQuery: use the xhrFields option for $.ajax()
• Angular 1: here
• Angular 2: here