7

I want to set the secure flag in my cookie when I create it. I think I have the solution but I want to be sure in order to continue. I use the ngx-cookie-service to set my cookie.

Here is my code:

const now = new Date();
now.setHours(now.getHours() + 8);
const secureFlag = true;
this.cookieService.set('usertype', 'agent', now, '/', '/', secureFlag);

The thing is that I don't know if I have to declare the 4th and 5th parameter like that because if I don't declare them it shows error.

For example I try this:

const now = new Date();
now.setHours(now.getHours() + 8);
const secureFlag = true;
this.cookieService.set('usertype', 'agent', now, secureFlag);

and it warns me with Argument of type 'true' is not assignable to parameter of type 'string'

Do I have to use '/' for path and domain parameters when I don't want to define them?

Pavan Jadda
  • 4,306
  • 9
  • 47
  • 79
TheodoreTsg
  • 510
  • 3
  • 9
  • 23
  • Funny thing to note. If, using ngx-cookie-service, you try to place a secure flag like so `this.cookieService.set('name', value, path, domain, secureFlag)`, chrome will not allow it. Tryed it and chrome 80 refused the cookie. Haven't tryed it on another browser though. Also, note, `domain`, if you're not sure of what to put there, juste use `undefined`. – Buu97 Mar 04 '20 at 06:53

6 Answers6

5

This will work, also to do testing disable SameSite by default cookies on Google Chrome if you are having problems with Google Chrome.

Paste this into your browser and it will take you to the SameSite settings and disable.

chrome://flags/#same-site-by-default-cookies

this.cookieService.set('sessionuser', username, 1 , '/', 'localhost', false, "Lax" );
derloopkat
  • 6,232
  • 16
  • 38
  • 45
Gabriel Sanchez
  • 51
  • 1
  • 5
4

The get method of CookieService supports the following parameters:

    /**
     * @param name     Cookie name
     * @param value    Cookie value
     * @param expires  Number of days until the cookies expires or an actual `Date`
     * @param path     Cookie path
     * @param domain   Cookie domain
     * @param secure   Secure flag
     * @param sameSite OWASP samesite token `Lax`, `None`, or `Strict`. Defaults to `None`
     */
    set(name: string, value: string, expires?: number | Date, path?: string, domain?: string, secure?: boolean, sameSite?: 'Lax' | 'None' | 'Strict'): void;

The error Argument of type 'true' is not assignable to parameter of type 'string' it’s because you’re sending the secure parameter instead of path.

edu
  • 434
  • 1
  • 8
  • 17
2

If you are in development & you don't have ssl, then secureFlag: true, might not work.

e.g .

this.cookieService.set('cookieName', 'somevalue', 1, '/','localhost', false, "Strict");

This should work :)

Unheilig
  • 16,196
  • 193
  • 68
  • 98
Balram Sahu
  • 181
  • 1
  • 4
1

Does this post addresses the same issue? I think the answer there could help you. Angular4x : ngx-cookie-service with expire parameter

GSK
  • 51
  • 3
  • 1
    Well in the link you provided they solve the problem with the expire parameter when setting the cookie. My question here is if I have to add the 4th and 5th parameter even if it is `null` (for example, this.cookieService.set('usertype', 'agent', now, null, null, secureFlag);). In addition you could comment that and not post it as an answer but thanks anyway. – TheodoreTsg Sep 11 '19 at 09:27
  • One thing is the security flag and another the expiration of the cookie. The post has nothing to do. – edu Feb 15 '20 at 17:06
1

I think you alreadey solved in one of your comments, since is the solution I try and succeded, only add a last parameter (Lax), but is not necesary:

this.cookieService.set('usertype', 'agent', now, null, null, secureFlag, 'Lax');

I try to add '/' in the path and domain parameters, that only works in 'path', but setting both to null do the work.

Joel Sandoval Reyes
  • 11
  • 1
1

You can try below one ("Lax"/"Strict"):-

const secureFlag = true; this.cookieService.set('cookieName', 'somevalue', undefined, undefined,'undefined, secureFlag , "Strict");

Deepak Mitawa - AIS
  • 151
  • 2
  • 5