Meteor session cookie & meteor

2018-07-03 05:36:05

According to the docs , Meteor doesn't use session cookies.

However, what's the meteor_login_token cookie used for then? It looks to me like a session cookie, created after the user successfully signs in, and passed then to every request made to the server.

Meteor definitely doesn't use cookies.

Do you have any additional packages with your app that could add this cookie? For example, fast-render has the ability to get data related to a user by sending the same login token using cookies.

If we take a look at their code, they indeed have a function setting a cookie named meteor_login_token .

function setToken(loginToken, expires) {
  Cookie.set('meteor_login_token', loginToken, {
    path: '/',
    expires: expires
  });
}

This behavior is described in the security part of their readme.

If you're not using fast-render, you should definitely check any additional packages you may have that could add an additional cookie.

链接地址: http://www.djcxy.com/p/92610.html

上一篇: 在google.Internal服务器中添加联系人时出现异常错误

下一篇: 流星会话cookie和流星