HttpOnly set to FLASE does not work

Secbone / koa-session2

Middleware for Koa2 to get/set session

MIT License

152 stars 30 forks source link

Closed tomoat closed 7 years ago

tomoat commented 7 years ago

HttpOnly set to FLASE does not work

.use(session({key: 'koa:sess', signed: true, overwrite: true, httpOnly: false}))

Secbone commented 7 years ago

@tomoat It works to me. Could you supply a case?

tomoat commented 7 years ago

I've found a solution, and I've tried, and I've succeeded app.js

app.use(session({key: 'koa:sess', signed: true}))

routes/user.js

ctx.cookies.set('users', jwt.sign({ uid: users.id, name: users.name }, config.token_secret), { httpOnly: false })