socket.io icon indicating copy to clipboard operation
socket.io copied to clipboard
verified publisher icon socketio

Include cookie-related CORS config in passport-example

Open peey opened this issue 4 years ago • 0 comments

The kind of change this PR does introduce

  • [ ] a bug fix
  • [ ] a new feature
  • [ ] an update to the documentation
  • [ ] a code change that improves performance
  • [x] other: update an example

Current behavior

Example works without problems, but implicitly relies on same-origin cookie sending behaviour which isn't always the case in real implementations.

New behavior

Makes the reliance on same-origin cookie behaviour explicit and add sample CORS configuration that while not strictly needed in the example, are useful when adapting the example to real world scenario. Makes the example a tad bit more "complete".

Other Info

Adding this is perhaps important because the configuration affects a library (express-session) that users may not directly work with, so may not have knowledge of correct configuration. Moreover, the library itself is centric to express so it doesn't offer socket.io configuration information, so this might be the best place to put this.

peey avatar Apr 02 '21 09:04 peey