Fastify: setCookie doesn't work in Microsoft Edge

This is most certainly a browser issue. You'll just have to try different
settings, e.g. change the domain to ".127.0.0.1".

On Fri, Jan 5, 2018 at 06:43 Valentin Vichnal notifications@github.com
wrote:

Hey, I have a simple route to set a http only cookie:

fastify.get('/cookie', function (request, reply) {

const cookieProp = {
domain: 'localhost',,
path: '/',
httpOnly: true,
maxAge: 60 * 60 * 24 * 7 // 1 week
};

return reply.setCookie('someField', 'someValue', cookieProp).send({ action: 'success' });
});

This is working in Chrome and Firefox, but in Edge the cookie list stays
empty.

I don't know why because on Edge I get the same response header:
Set-Cookie: someField=someValue; Max-Age=604800; Domain=localhost; Path=/;
HttpOnly

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
https://github.com/fastify/fastify/issues/618, or mute the thread
https://github.com/notifications/unsubscribe-auth/AATmsehCDOLqppovE-Ug89ZXPzfYPMbnks5tHgrwgaJpZM4RUWQ7
.

>

James Sumners
http://james.sumners.info/ (technical profile)
http://jrfom.com/ (personal site)
http://haplo.bandcamp.com/ (music)

What do you want me to do? You have said that the appropriate header is being sent. That clearly points to the browser not doing its job.

When you're working with "localhost" deployments, cookies behave weirdly. Notice these cookie settings:

https://github.com/jscas/cas-server/blob/26cf0f76648b8e536ae1c4abadfc6f1e456530cc/docker/jscas.json#L11-L18

They are not good values for a production system. But Chrome will refuse to set the cookie if SameSite is not set to lax because of the fact that it is a localhost configuration (mapped via the system hosts file).

You were right, thanks!
When I removed the domain key from the cookie settings it worked.