Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Encrypted Cookies #12

Open
nburoojy opened this issue Aug 30, 2014 · 7 comments
Open

Encrypted Cookies #12

nburoojy opened this issue Aug 30, 2014 · 7 comments
Assignees
@dougwilson
Labels
enhancement

Comments

@nburoojy
Copy link

We would like to encrypt cookie contents instead of encode+sign. Would this feature fall within the scope of cookie-parser?

For reference, a similar feature has been requested in cookie-session and cookies:
expressjs/cookie-session#9
pillarjs/cookies#42
@Fishrock123
Copy link

Whenever pillarjs/cookies#42 lands

@hex7c0
Copy link

hex7c0 commented Sep 7, 2014

Hi, I write https://github.com/hex7c0/cookie-encryption.
maybe for @jonathanong can be useful for his implementation

@dougwilson dougwilson self-assigned this Sep 18, 2015
@dougwilson dougwilson removed the future label Sep 18, 2015
@ebourmalo
Copy link

ebourmalo commented Apr 21, 2016
edited
Loading

I was also looking for this option and didn't find anything. I made a super-easy to use express middleware to achieve transparently cookie encryption / decryption: cookie-encrypter.

var app = express();
app.use(cookieParser(secretKey));
app.use(cookieEncrypter(secretKey));

Hope this helps

@aviqbaihaqy
Copy link

hi, this is support for laravel encrypted cookie?

@FadhiliNjagi
Copy link

Hey, I'm going to attempt to add support for cookie encryption. I am also going to modify the README to highlight the difference between signing and encrypting, and to give tips on creating strong keys.

@FadhiliNjagi
Copy link

I'm trying to add cookie encryption to the main express repo, but I run into this when I go to create a PR:

image

I even created and published a whole npm package just to handle encryption, kind of like cookie-signature. The idea is to add the encryption bit to the main express repo and the decryption bit here. The cookie-encryptor library works, but it is essentially hacking around by creating a middleware that overwrites the res.cookie method. I wanted to add "native" support. Please help.

@FadhiliNjagi
Copy link

I am now able to open a PR. Must be a one-time thing.

@FadhiliNjagi FadhiliNjagi mentioned this issue Apr 6, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dougwilson dougwilson

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@dougwilson @Fishrock123 @ebourmalo @aviqbaihaqy @hex7c0 @nburoojy @FadhiliNjagi