Home/ Questions/Q 8867243
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-14T16:59:06+00:00

This is my setup: express.js version: 3.0.0rc2 app.js … app.use(express.cookieParser(‘secret’)); app.use(express.session({secret: ‘secret’})); app.use(app.router); …

  • 0

This is my setup:

express.js version”: “3.0.0rc2”

app.js

...  
app.use(express.cookieParser('secret'));
app.use(express.session({secret: 'secret'}));
app.use(app.router);
...

Then to set the signed cookie and a redirect:
res.cookie('session', cookie_value, {signed: true});
res.redirect('/else_where');

Then to retrieve the signed cookie:
var cookie = req.signedCookies.session; 

console.log('get cookie: ' + req.cookies.session);
console.log('get signed cookie: ' + req.signedCookies.session);

The problem is that the cookie is undefined for the signed cookie and works fine with the req.cookies.session.

For some reason I the signing of the cookie is not being played out.
Not sure what’s going on.
Is the order of my app.use() correctly laid out?

similar to this this

UPDATE_02
I implemented a simple res/req for a signed cookie like so:

app.configure(function(){
  app.set('port', process.env.PORT || 3000);
  app.set('views', __dirname + '/views');
  app.set('view engine', 'jade');
  app.use(express.favicon());
  app.use(express.logger('dev'));
  app.use(express.cookieParser('secret'));
  app.use(express.bodyParser());
  app.use(express.methodOverride());
  app.use(expressValidator);
  app.use(express.session());
  app.use(app.router);
  app.use(express.static(path.join(__dirname, 'public')));
});

app.get('/', function(req, res) {
  if (!req.signedCookies.cat) {
    res.cookie('cat', 'boo', {signed: true});
    console.log('setting cookie');
    res.writeHead(200, {'Content-Type':'text/plain'});
    return res.end('cookie set');
  }

  res.end('signed cookie: ' + req.signedCookies.cat);
});

When I use the browser to hit localhost:3000 I get the first desired responsecookie set.
I check the browser cookies and the cookie has been set.
When I use the same browser to hit localhost:3000 again I get the same response ‘cookie set’.
The request does not seem to pickup on the cookie.

So in another file I copied/paste the exact above code and switched ports to 3080.
When that goes through the second response produces `signed cookie: boo’.

Then if I refresh localhost:3000 the response is signed cookie: boo.
Why does this happen? Is there caching going on that shouldn’t?
Any help is appreciated.

UPDATE_01
Even if I do a req.signedCookies.session immediately after setting the cookie I get back undefined. The cookie does get signed because there is an additional . followed by a bunch of random letters and numbers. It’s not being assigned to req.signedCookies

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The cookie in the browsers is:
    boo.o5SqHrxUOZkyNLdIBqIZrfog6jXYJkP78M99IMbrnDA

    By updating to express 3.0.3 the cookie becomes:
    s:boo.o5SqHrxUOZkyNLdIBqIZrfog6jXYJkP78M99IMbrnDA

    The problem is fixed after updating.

    • 0