cookie option cannot be bool true or else .key is undefined...
busticated opened this issue · comments
Busticated commented
cookie
set to a truthy value to enable cookie-based instead of session-based csrf secret storage.- If
cookie
is an object, these options can be configured, otherwise defaults are used:key
the name of the cookie to use (defaults to_csrf
) to store the csrf secret
- If
if (options.cookie && !options.cookie.key) {
options.cookie.key = '_csrf'
}
so, if i do the following:
app.use(express.csrf({ cookie: true }));
options.cookie.key
is undefined
because .key
is assigned to a bool.
what am I missing?
Douglas Wilson commented
Sounds like a module bug to me :)
Busticated commented
hehe! thought so :-)
want a patch or have you already fixed it? :-D
Douglas Wilson commented
Sorry, didn't even look at this reply until I pushed the fix ;) I'll have it published to npm in just a little bit.
Busticated commented
oh no sweat! again, i figured :)
thanks a bunch! 👍
Douglas Wilson commented
Thank you for the report :) Published as 1.6.2