ssxcookieoptions

​Home > @spruceid/ssx-server > SSXCookieOptions​
SSXCookieOptions interface
Configuration interface for cookies issued by ssx-server
Signature:
export interface SSXCookieOptions extends CookieOptions 
Extends: CookieOptions
Properties
Property
Modifiers
Type
Description
​httpOnly​
​
true
Prevents client-side javascript from accessing cookies. Should always be true.
​sameSite​
​
boolean | 'lax' | 'strict' | 'none' | undefined
Prevents Cross Site Request Forgery Attacks by telling the browser to only send cookies with request from your site. The lax setting allows GET requests from other sites. Recommended true for production.
​secure​
​
boolean
Whether or not cookies should be sent over https. Recommend true for production.
​signed​
​
boolean
Whether or not cookies should be signed. Recommended true for production. Set to true by providing a signing key. If false, cookies can be tampered with on the client.

Property	Type	Description
httpOnly	true	Prevents client-side javascript from accessing cookies. Should always be true.
sameSite	boolean \| 'lax' \| 'strict' \| 'none' \| undefined	Prevents Cross Site Request Forgery Attacks by telling the browser to only send cookies with request from your site. The lax setting allows GET requests from other sites. Recommended true for production.
secure	boolean	Whether or not cookies should be sent over https. Recommend true for production.
signed	boolean	Whether or not cookies should be signed. Recommended true for production. Set to true by providing a signing key. If false, cookies can be tampered with on the client.

ssxcloudflareprovider

httponly

Last modified 5mo ago