Merge pull request #50 from 10sa/patch-3

Remove Cookie secure options
2025-06-05 21:59:27 +02:00 · 2023-02-15 02:04:31 +04:00
parent cb00faa570 44e7d2ab01
commit e13c1a3877
1 changed files with 1 additions and 0 deletions
--- a/server.js
+++ b/server.js
@@ -70,6 +70,7 @@ const { invalidCsrfTokenError, generateToken, doubleCsrfProtection } = doubleCsr
 	cookieOptions: {
 		httpOnly: true,
 		sameSite: "strict",
+		secure: false
 	},
 	size: 64,
 	getTokenFromRequest: (req) => req.headers["x-csrf-token"]