[BREAKING CHANGE] fix: RFC6265 default cookie name (#197)

History.md

@@ -1,3 +1,9 @@
+6.0.0 / 2020-04-26
+==================
+
+**fixes**
+  * [[`d34fc8e`](https://github.com/koajs/session/commit/d34fc8e0395bd3dc0c8cceda4374039a4d414060)] - fix: RFC6265 compliant default cookie name (#197) (zacanger <<zac@zacanger.com>>)
+    * [BREAKING CHANGE]: Default cookie is now `koa.sess` rather than `koa:sess`
 
 5.13.1 / 2020-02-01
 ==================

Readme.md

@@ -48,7 +48,7 @@ const app = new Koa();
 app.keys = ['some secret hurr'];
 
 const CONFIG = {
-  key: 'koa:sess', /** (string) cookie key (default is koa:sess) */
+  key: 'koa.sess', /** (string) cookie key (default is koa.sess) */
   /** (number || 'session') maxAge in ms (default is 1 days) */
   /** 'session' will result in a cookie that expires when session/browser is closed */
   /** Warning: If a session cookie is stolen, this cookie will never expire */
@@ -84,7 +84,7 @@ console.log('listening on port 3000');
 ### Options
 
   The cookie name is controlled by the `key` option, which defaults
-  to "koa:sess". All other options are passed to `ctx.cookies.get()` and
+  to "koa.sess". All other options are passed to `ctx.cookies.get()` and
   `ctx.cookies.set()` allowing you to control security, domain, path,
   and signing among other settings.
 

index.js

@@ -13,7 +13,7 @@ const _CONTEXT_SESSION = Symbol('context#_contextSession');
 /**
  * Initialize session middleware with `opts`:
  *
- * - `key` session cookie name ["koa:sess"]
+ * - `key` session cookie name ["koa.sess"]
  * - all other options are passed as cookie options
  *
  * @param {Object} [opts]
@@ -60,7 +60,7 @@ module.exports = function(opts, app) {
 function formatOpts(opts) {
   opts = opts || {};
   // key
-  opts.key = opts.key || 'koa:sess';
+  opts.key = opts.key || 'koa.sess';
 
   // back-compat maxage
   if (!('maxAge' in opts)) opts.maxAge = opts.maxage;