#StackBounty: #express #cookies #safari On Safari, cookies are not saved when sent with redirect

Bounty: 50

I have implemented an OAuth2 client in which the first step is to send a user to the relevant 3rd party (Facebook for this example). I set them a state cookie, and when they return from Facebook I validate that state cookie.

In Chrome, everything is great. When I send the user to the redirect URL, I can see (using inspect element) that they have the state cookie I set.
However, when I try on (desktop) Safari on the latest macOS, I don’t see that cookie.

I set the cookie in the response for my redirect request:

res.cookie('state', state.toString(), {
  maxAge: 3600000,
  secure: true,
  httpOnly: true,
});
res.redirect(someRedirectUri);

How can I get those cookies to be saved on Safari as well? Am I just setting the cookies wrong?
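
The state round trip described in the question, as an added example that is not part of the original post: it issues the state cookie and validates it on the callback, failing closed when the cookie never arrives (the symptom reported for Safari). The function names, the `client.example` URL, and the `Path=/` and `SameSite=Lax` attributes are assumptions made for this sketch, which uses only Node's standard library rather than Express.

```javascript
// Added example (not the poster's code): OAuth2 "state" round trip.
// All function names and sample values are hypothetical.
const nodeCrypto = require('node:crypto');

// Create an unguessable state value for one authorization request.
function newState() {
  return nodeCrypto.randomBytes(32).toString('hex');
}

// Build the Set-Cookie value, mirroring the options in the post
// (maxAge 3600000 ms -> Max-Age=3600 s). SameSite=Lax is an assumption added
// here: Lax cookies accompany the top-level GET back from the provider.
function stateCookieHeader(state) {
  return `state=${state}; Max-Age=3600; Path=/; Secure; HttpOnly; SameSite=Lax`;
}

// Parse a request Cookie header into a name -> value map.
function parseCookies(header) {
  const out = {};
  for (const part of (header || '').split(';')) {
    const i = part.indexOf('=');
    if (i > 0) out[part.slice(0, i).trim()] = part.slice(i + 1).trim();
  }
  return out;
}

// Validate the callback: the state query parameter must equal the cookie.
// A missing cookie or parameter fails closed; comparison is constant-time.
function validateCallback(cookieHeader, callbackUrl) {
  const expected = parseCookies(cookieHeader).state;
  const received = new URL(callbackUrl).searchParams.get('state');
  if (!expected || !received) return { ok: false, reason: 'missing-state' };
  const a = Buffer.from(expected);
  const b = Buffer.from(received);
  if (a.length !== b.length || !nodeCrypto.timingSafeEqual(a, b)) {
    return { ok: false, reason: 'state-mismatch' };
  }
  return { ok: true, reason: null };
}
```

Logging the `reason` value on the callback route separates a browser that dropped the cookie (`missing-state`) from a forged or stale callback (`state-mismatch`).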

