ssxcookieoptions
Last updated
Last updated
Home > @spruceid/ssx-core > SSXCookieOptions
Configuration interface for cookies issued by ssx-server
Signature:
Extends: CookieOptions
Property | Modifiers | Type | Description |
---|---|---|---|
true
Prevents client-side javascript from accessing cookies. Should always be true.
boolean | 'lax' | 'strict' | 'none' | undefined
Prevents Cross Site Request Forgery Attacks by telling the browser to only send cookies with request from your site. The lax setting allows GET requests from other sites. Recommended true for production.
boolean
Whether or not cookies should be sent over https. Recommend true for production.
boolean
Whether or not cookies should be signed. Recommended true for production. Set to true by providing a signing key. If false, cookies can be tampered with on the client.