pouchdb / pouchdb-server

CouchDB-compatible server built on PouchDB and Node
Apache License 2.0
955 stars 154 forks source link

Config couch_httpd_auth.timeout doesn't work as expected and throws unhelpful error #465

Open bdombro opened 2 years ago

bdombro commented 2 years ago

With a recent update to the cookie dependency, the expires value must be valid when setting cookies. pouchdb-server does not limit the timeout config option, which if too big causes Express to set an invalid date. This also causes an uncaught and hard to troubleshoot error.

Unhelpful Error that bubbles: Cannot read properties of undefined (reading 'getSecurity')

Suggestions:

  1. I created a PR to better bubble errors and be more tolerant of high timeouts.
  2. I also created a PR in Express to better tolerate high maxAges