-
Notifications
You must be signed in to change notification settings - Fork 14.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Why setting object as cookie value get modified #2815
Comments
Hi! It's not part of any standard, as the RFC for cookies says the value can only be a string. Ideally if we followed the standard, we would reject your cookie if it wasn't a string. As a convenience, Express.js allows you to set non-strings as the values, and we'll If you do not want this behavior, simply provide a string as the cookie's value and we won't touch it. |
That's what I though but I needed confirmation. Thank you @dougwilson |
No problem! |
Hi @dougwilson, (Disclaimer: I don't know the difference between an unsigned cookie and a signed cookie). I noticed signed tokens get a Line 793 in 3c54220
I'm interested in your thoughts on this as at this point in the code, the cookie value is already a string, so the RFC reason for Thanks. |
Hi @neverendingqs , please try and open new issues, rather than resurrecting old, closed issues :) disclaimer: the decision to prepend (not append) the |
I see my cookie value with a
{j: original}
wrapped around my original value. Why is that? Is this from some RFC?The text was updated successfully, but these errors were encountered: