How to set a same domain cookie with Heroku subdomains?

javascript heroku cookies cross-domain subdomain

herokuapp.app is listed in Public suffix List which means cookies are blocked from bein set to the domain "herokuapp.com"

you must use custom domain technique

javascript heroku cookies cross-domain subdomain

Stuck with this issue for some time. What I figured out:

Need add proxy attribute to app:

const app = new Koa()app.proxy = true

Extend cookies options with sameSite attribute:

cookies.set("accessToken", token, {  maxAge: 1000 * 60 * 24,  signed: true,  secure: process.env.NODE_ENV === "production",  httpOnly: true,  domain: process.env.ORIGIN_HOSTNAME || "localhost",  sameSite: 'none' // <-- add this})

Before that I bought a domain for my app. Frontend app point to "domain.com", and Backend app point to "api.domain.com". But now I am not sure if it was necessary.

CodeHunter

How to set a same domain cookie with Heroku subdomains?

Recent Posts

How can I color dots in a xy scatterplot according to column value?

How to update a claim in ASP.NET Identity?

What does {0} mean when initializing an object?

Accessing members of items in a JSONArray with Java

How to log SQL statements in Spring Boot?

Powershell Get-WebSite name parameter is ignored

How to detect scroll to bottom of html element

Java synchronized method

How to test controllers with CodeIgniter?

Detect Visual Composer

Matplotlib: Specify format of floats for tick labels

Rails join a list of strings with commas and "and" before the last