New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTTPOnly cookie possible? #377
Labels
question
Further information is requested
Comments
I'm having the same issue. Have you had any luck @Xzandro ? Versions -
nuxt.config.ts (strapi)
|
I do not. I just went without HTTP only for now. I set secure in production for the cookie tho. Still not sure how bad it currently is, but I suspect, that we somehow get the cookies via JS on the client side and thus HTTP only is not possible, not sure. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
So, i tried to use the authentication and it worked pretty great for the most part. But when I set httpOnly for the cookies, it will not be set. What would be the reason for that? I would unterstand, that the client does not have access to that cookie, but not sure if we would need to have access anyway? I'm just worried about potential security risks.
When I try this, it works:
But when I add httpOnly, then the cookie is not set. Does not work:
The text was updated successfully, but these errors were encountered: