1

My website is running under HTTPS and I try to save the react-cookie-consent cookie as 'httpOnly' and 'secure'. What I tried so far, without success, was cookieSecurity and extraCookieOptions like this:

<CookieConsent
 location="bottom"
 buttonText="I understand"
 cookieSecurity={true}
 extraCookieOptions={{
   httpOnly: true,
   secure: true
 }}>
 This website uses cookies to enhance the user experience.
</CookieConsent>

Here is the NPM package https://www.npmjs.com/package/react-cookie-consent

Do I miss something in documentation?

Vlado
  • 3,517
  • 2
  • 26
  • 24
  • 2
    httpOnly cookies are not accessible from the browser scripts by design. – tromgy Nov 01 '21 at 11:45
  • Thank you, and how to set it up 'secure'? Is this a correct syntax for the package? – Vlado Nov 01 '21 at 12:43
  • From their documentation it seems that `cookieSecurity={true}` is the right way to do it. I don't think you need `extraCookieOptions`, but unfortunately it is not well documented. – tromgy Nov 01 '21 at 18:18

0 Answers0