服务器发送的cookie不会覆盖现有的cookie

Question

i have a express application and using cookie-session module for session management. application has 2 paths https://example.com/abc/def and https://example.com/abc/ghi . if i am visiting any path first then it sets a cookie but if i am changing the URL to other path then i can see that server is responding with new value for the cookie in developer console but it is not getting updated in browser. any idea what is preventing cookie from getting updated?

Answer 1

You need to clearCookie before you set new one. Most importantly cookies work with domain not the paths. So in both the path where you want to set cookie you have to check for existing cookie and if you found one you have to remove it to set new one.

const cookieSession = require('cookie-session');
const express = require('express');
const app = express();

app.set('trust proxy', 1) // trust first proxy

app.use(cookieSession({
   name: 'session',
   keys: ['key1', 'key2']
}));

app.get('/abc', function(req, res, next) {
  req.session = {
     'views':'abc'
  };
  res.end(req.session.views + ' cookie value is set');
 });


app.get('/xyz', function(req, res, next) {
  req.session = {
    'views':'xyz'
  };
  res.end(req.session.views + ' cookie value is set');
});

app.get('/test', function(req, res, next) {
   res.end(req.session.views + ' cookie found');
});

app.listen(3000);

This is sample code where path /abc and /xyz sets diffrent values for session and those values can be seen on /test path.

So if you first hit /abc route and than hit /test path you will get cookie value {'views': 'abc'} and if you hit /xyz and than hit /test cookie value will be {'viewa':'xyz'} ;

Answer 2

在进一步分析中，我发现Cookie的内容长度超出了4096字节的允许大小，一旦我们修复了内容，我们就可以正确地设置Cookie。