ssxcookieoptions

Home > @spruceid/ssx-server > SSXCookieOptions

SSXCookieOptions interface

Configuration interface for cookies issued by ssx-server

Signature:

export interface SSXCookieOptions extends CookieOptions

Extends: CookieOptions

Properties

Property	Type	Description
httpOnly	true	Prevents client-side javascript from accessing cookies. Should always be true.
sameSite	boolean \| 'lax' \| 'strict' \| 'none' \| undefined	Prevents Cross Site Request Forgery Attacks by telling the browser to only send cookies with request from your site. The lax setting allows GET requests from other sites. Recommended true for production.
secure	boolean	Whether or not cookies should be sent over https. Recommend true for production.
signed	boolean	Whether or not cookies should be signed. Recommended true for production. Set to true by providing a signing key. If false, cookies can be tampered with on the client.

Property

Modifiers

Type

Description

httpOnly

true

Prevents client-side javascript from accessing cookies. Should always be true.

sameSite

boolean | 'lax' | 'strict' | 'none' | undefined

Prevents Cross Site Request Forgery Attacks by telling the browser to only send cookies with request from your site. The lax setting allows GET requests from other sites. Recommended true for production.

secure

boolean

Whether or not cookies should be sent over https. Recommend true for production.

signed

boolean

Whether or not cookies should be signed. Recommended true for production. Set to true by providing a signing key. If false, cookies can be tampered with on the client.

Previousssxcloudflareprovider Nexthttponly

Last updated 1 year ago