Skip to main content

Cookie configuration

By default the response cookie send with options:

httpOnly: true,
maxAge: 1000 * 60 * 60 * 24 * 31, // 31days

You can configure this by providing a cookieOptions object into the server constructor.

cookieOptions shares the same properties as the Express res.cookie options


If you wish to set sameSite to none, please make sure also set secure option to true. SameSite cookies


Allowing cookies be sent in all contexts, i.e in responses to both first-party and cross-origin requests.

const server = new CollabServer({
cookieOptions: {
sameSite: 'none',
secure: true