Third-party cookie will be blocked - warning, not able to logout
I want to remove the warning and be able to logout
https://link-bee-roan.vercel.app/ this is the link
I am setting cookies here
res.cookie('token', token, {
secure: true,
sameSite: 'none',
});
My cors
app.use(cors({
origin: "https://link-bee-roan.vercel.app",
credentials: true
}));
In the frontEnd
axios.defaults.withCredentials = true;
.
.
.
let response = await axios.post("https://linkbee-2.onrender.com/login", {
// let response = await axios.post("http://localhost:3000/login", {
userID, password
},{
withCredentials: true,
});
I am getting the third party cookie error in the console,
However I am able to see the cookie, but when I click the logout button, the cookie is not getting deleted,
This is the logout backend code,
router.post('/logout', (req, res) => {
console.log("this is the cookie :: " , req.cookies.token);
res.clearCookie('token').send(req.cookies.token);
});
This is the related function in the front end
const handleLogout = async (e) => {
try {
let response = await axios.post(`${backendLink}/user/logout`);
console.log("this is the respose :: " , response);
// window.location.href = "/";
}
catch (error) {
console.log("error :: ", error);
}
}
Getting the cookie, but the cookie is not getting deleted even after the logout code above;
From the documentation:
Web browsers and other compliant clients will only clear the cookie if the given options is identical to those given to res.cookie(), excluding expires and maxAge.
Having
res.cookie('token', token, {
secure: true,
sameSite: 'none',
});
to set cookies, you should have
res.clearCookie('token', {
secure: true,
sameSite: 'none',
}).send();
to mirror the options.
Saying that, cookies are stored on the client, and in your particular case (no serverside logic in router.post('/logout' handler, the cookie is not "http only", no other cookies) you can delete it (and effectively logout) straight in the browser, saving on the HTTP request:
document.cookie = 'token; Max-Age=0 path=/; domain=...etc'
- Why does "npm install" rewrite package-lock.json?
- permission problem with opennms running a nodejs script in notification
- Xero custom integration app - node sdk requests failing with 403
- nodejs -> ldapjs... why the returned value is undefined and the real value of client.bind comes second?
- How to use Multer middleware to upload array of images
- Javascript split on non-alphanumeric an keep delimiters at start
- Insert email with unique id node js
- How many child processes can a node.js cluster spawn on a 64bit Wintel PC?
- Getting TypeError: client_secret_basic client authentication method requires a client_secret
- Write to a CSV in Node.js
- SyntaxError: Unexpected token function
- Update react context without refreshing page on state update
- How can I use "exports" in package.json for nested submodules and TypeScript?
- How to generate an azure blob url with SAS signature in nodejs sdk v12?
- Cannot overwrite model once compiled Mongoose
- writing ejs in a script is giving me the error 'Expression expected'
- Cookie in Thunder Client VS Code extension
- Cognito "Authorizer" element not appearing in RequestContext in a Lambda triggered via API Gateway
- Node.js: How to use variable from outer scope of event in EventEmitter?
- Quasar Error: Cannot find module 'ajv/dist/compile/codegen'
- Using github actions env vars to run different base Urls in feature and staging for snowflake Cypress test
- Express doesn't redirect to react-router root path after successful MongoDB save - fails silently - how to redirect successfully?
- Native Node.js Metrics in Application Insights
- Trouble accessing Chrome's remote debugging port 9223 with Selenium WebDriver in headless mode
- Uploading File to S3 via Node.js SDK Resulting is Blank File
- How to resolve node modules proxy issue?
- Node.js check if path is file or directory
- Is Node version relevant after build and deploy?
- Renaming folder fails in node.js
- API from proxy not working after deploying on netlify