如何使用 CookieSession 安全选项?
How to use CookieSession secure option?
我安装了一个名为 cookie-session v2.0 的 NPM,我想用它来使用 HTTPS 协议将 JWT 传输到客户端浏览器。
但是,当我想根据 https://www.npmjs.com/package/cookie-session 的文档将安全选项设置为 true 时,我收到一条错误消息,指示如下:
Argument of type '{ signed: false; secure: any; }' is not assignable to parameter of type '{ httpOnly?: boolean; keys?: any[]; name?: string; overwrite?: boolean; secret?: string; signed?: boolean; }'.
Object literal may only specify known properties, but 'secure' does not exist in type '{ httpOnly?: boolean; keys?: any[]; name?: string; overwrite?: boolean; secret?: string; signed?: boolean; }'. Did you mean to write 'secret'?
如果我将鼠标悬停在 cookieSession 上,我可以清楚地看到根据文档没有这样的 属性 分配。
(alias) cookieSession(options?: {
httpOnly?: boolean;
keys?: any[];
name?: string;
overwrite?: boolean;
secret?: string;
signed?: boolean;
}): Function
import cookieSession
到目前为止,这是我在 expressApp 文件中的代码:
const express = require("express");
const cookieSession = require("cookie-session");
const cors = require("cors");
const { errorHandler } = require("./middleware");
const { NotFoundError } = require("./errors");
const routers = require("./routes");
const expressApp = function async(app) {
app.set("trust proxy", true);
app.use(express.json());
app.use(
cookieSession({
signed: false,
})
);
app.use(express.urlencoded({ extended: true, limit: "1mb" }));
app.use(cors());
app.use("/api/v1", routers);
app.all("*", async (req, res) => {
throw new NotFoundError();
});
app.use(errorHandler);
};
module.exports = expressApp;
如何解决此问题以便将安全选项设置为 true?
非常感谢您!
根据您链接的文档
Cookie Options -
Other options are passed to cookies.get() and cookies.set() allowing you to control security, domain, path, and signing among other settings.
在 app.use 中创建 cookieSession 时,您无法将 cookie 设置为安全,但您可以在设置或获取路由中的 cookie 时进行设置。
cookies.set({ secure: true });
在 how to send secure cookie in expressjs
上查看此答案
我安装了一个名为 cookie-session v2.0 的 NPM,我想用它来使用 HTTPS 协议将 JWT 传输到客户端浏览器。 但是,当我想根据 https://www.npmjs.com/package/cookie-session 的文档将安全选项设置为 true 时,我收到一条错误消息,指示如下:
Argument of type '{ signed: false; secure: any; }' is not assignable to parameter of type '{ httpOnly?: boolean; keys?: any[]; name?: string; overwrite?: boolean; secret?: string; signed?: boolean; }'.
Object literal may only specify known properties, but 'secure' does not exist in type '{ httpOnly?: boolean; keys?: any[]; name?: string; overwrite?: boolean; secret?: string; signed?: boolean; }'. Did you mean to write 'secret'?
如果我将鼠标悬停在 cookieSession 上,我可以清楚地看到根据文档没有这样的 属性 分配。
(alias) cookieSession(options?: {
httpOnly?: boolean;
keys?: any[];
name?: string;
overwrite?: boolean;
secret?: string;
signed?: boolean;
}): Function
import cookieSession
到目前为止,这是我在 expressApp 文件中的代码:
const express = require("express");
const cookieSession = require("cookie-session");
const cors = require("cors");
const { errorHandler } = require("./middleware");
const { NotFoundError } = require("./errors");
const routers = require("./routes");
const expressApp = function async(app) {
app.set("trust proxy", true);
app.use(express.json());
app.use(
cookieSession({
signed: false,
})
);
app.use(express.urlencoded({ extended: true, limit: "1mb" }));
app.use(cors());
app.use("/api/v1", routers);
app.all("*", async (req, res) => {
throw new NotFoundError();
});
app.use(errorHandler);
};
module.exports = expressApp;
如何解决此问题以便将安全选项设置为 true?
非常感谢您!
根据您链接的文档
Cookie Options - Other options are passed to
cookies.get()andcookies.set()allowing you to control security, domain, path, and signing among other settings.
在 app.use 中创建 cookieSession 时,您无法将 cookie 设置为安全,但您可以在设置或获取路由中的 cookie 时进行设置。
cookies.set({ secure: true });
在 how to send secure cookie in expressjs
上查看此答案