vvo / iron-session

🛠 Secure, stateless, and cookie-based session library for JavaScript
https://get-iron-session.vercel.app
MIT License
3.6k stars 250 forks

Make cookieName mandatory? #54

Closed vvo closed 4 years ago

vvo commented 4 years ago

When developing multiple websites on the same host (localhost:3000), the cookieName and value can be shared between applications. While this is not a security issue (localhost), it's still annoying because it will lead to errors like "Error: Bad hmac value" because we're trying to decode the appx cookie using the password of appy.

By making cookieName mandatory, we could avoid that and recommend to always use appx, appy cookie names.
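
The collision described in this issue, as an added example that is not part of the original thread or of iron-session's code: a simplified HMAC-signed cookie (not the library's real seal format) and a browser-like jar that scopes cookies by host and name, ignoring the port. The passwords, the shared name `session`, and all helper names are constructed for illustration.

```javascript
const crypto = require("node:crypto");

// Simplified signed cookie: base64url(JSON) + "." + HMAC-SHA256 of that payload.
function seal(data, password) {
  const payload = Buffer.from(JSON.stringify(data)).toString("base64url");
  const mac = crypto.createHmac("sha256", password).update(payload).digest("base64url");
  return `${payload}.${mac}`;
}

// Verify the MAC in constant time before touching the payload.
function unseal(sealed, password) {
  const [payload, mac = ""] = sealed.split(".");
  const expected = crypto.createHmac("sha256", password).update(payload).digest();
  const given = Buffer.from(mac, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new Error("Bad hmac value");
  }
  return JSON.parse(Buffer.from(payload, "base64url").toString("utf8"));
}

// Browser-like jar: cookies are keyed by host and name; the port is not part of the key.
class CookieJar {
  constructor() { this.cookies = new Map(); }
  key(origin, name) { return `${new URL(origin).hostname}|${name}`; }
  set(origin, name, value) { this.cookies.set(this.key(origin, name), value); }
  get(origin, name) { return this.cookies.get(this.key(origin, name)); }
}

// appx sets a session, then appy (same host, any port) reads the cookie it expects.
function visitBothApps(cookieNameX, cookieNameY, portY = 3000) {
  const jar = new CookieJar();
  const appx = { origin: "http://localhost:3000", password: "constructed-password-appx" };
  const appy = { origin: `http://localhost:${portY}`, password: "constructed-password-appy" };
  jar.set(appx.origin, cookieNameX, seal({ user: "alice" }, appx.password));
  const incoming = jar.get(appy.origin, cookieNameY);
  if (incoming === undefined) return "no session"; // distinct names: appy starts clean
  try {
    unseal(incoming, appy.password);
    return "session ok";
  } catch (err) {
    return err.message; // same name, different password: MAC check fails
  }
}

console.log(visitBothApps("session", "session"));       // shared name
console.log(visitBothApps("session", "session", 3001)); // shared name, other port
console.log(visitBothApps("appx", "appy"));             // per-app names
```
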

Dashue commented 4 years ago

I'd be for this, just now trying to figure out where cookieName goes. Just installed the package and am not looking for IntelliSense for TypeScript, to then figure out where cookieName goes :)

vvo commented 4 years ago

@Dashue Do you mean that when using this package (thanks), your editor did not suggest the cookieName option? (https://github.com/vvo/next-iron-session#withironsessionhandler--password-ttl-cookiename-cookieoptions-)

I happen to be working on the package right now so I will just do that (make it mandatory)

Dashue commented 4 years ago

Exactly, I'm using TypeScript.

Not sure if you're shipping declaration files? Or maybe it was just VS having a moment.

vvo commented 4 years ago

FWIW: I am not using TypeScript and I get autocomplete by default.

I do not ship declaration files (since I am not using TS I don't even know how to do so). But I welcome any PR adding some.

vvo commented 4 years ago

:tada: This issue has been resolved in version 4.0.0 :tada:

The release is available on:

Your semantic-release bot :package::rocket:

eric-burel commented 2 years ago

Hi, what am I expected to do to fix this error? Add an explicit cookie name? I have this warning when running my Cypress e2e tests in headless mode. It might be a different issue. Are there scenarios where the Hmac value cannot be computed? I couldn't find much documentation about this error.