Error: cookieParser(“secret”) required for signed cookies











up vote
0
down vote

favorite












I am working on express/node.js and trying to understand cookies of expressjs and I'm setting cookie like this: 



var express = require('express');

var app = express();

var cookieParser = require('cookie-parser');

app.use(cookieParser());



app.get('/', function(req, res){

    res.cookie('cookie1', 'This is my first cooke', {maxAge: 1000*60*60*24*7, httpOnly: true});

    res.end('Cookie has been set');

});


And accessing cookies as follows:



app.get('/readCookies',function(req, res){

    res.send(req.cookies.cookie1);

});


But the problem is signed: true option when including this one for encoding cookie value during setting the cookie I am getting the following error:



Error: cookieParser("secret") required for signed cookies


Please help me and thanks in advance






node.js express cookies







share|improve this question
























  • github.com/expressjs/cookie-parser#api
    – robertklep
    Nov 11 at 13:59










  • But how can I sign cookies? @robertklep
    – Bablu Ahmed
    Nov 11 at 14:30















up vote
0
down vote

favorite












I am working on express/node.js and trying to understand cookies of expressjs and I'm setting cookie like this: 



var express = require('express');

var app = express();

var cookieParser = require('cookie-parser');

app.use(cookieParser());



app.get('/', function(req, res){

    res.cookie('cookie1', 'This is my first cooke', {maxAge: 1000*60*60*24*7, httpOnly: true});

    res.end('Cookie has been set');

});


And accessing cookies as follows:



app.get('/readCookies',function(req, res){

    res.send(req.cookies.cookie1);

});


But the problem is signed: true option when including this one for encoding cookie value during setting the cookie I am getting the following error:



Error: cookieParser("secret") required for signed cookies


Please help me and thanks in advance






node.js express cookies







share|improve this question
























  • github.com/expressjs/cookie-parser#api
    – robertklep
    Nov 11 at 13:59










  • But how can I sign cookies? @robertklep
    – Bablu Ahmed
    Nov 11 at 14:30













up vote
0
down vote

favorite









up vote
0
down vote

favorite











I am working on express/node.js and trying to understand cookies of expressjs and I'm setting cookie like this: 



var express = require('express');

var app = express();

var cookieParser = require('cookie-parser');

app.use(cookieParser());



app.get('/', function(req, res){

    res.cookie('cookie1', 'This is my first cooke', {maxAge: 1000*60*60*24*7, httpOnly: true});

    res.end('Cookie has been set');

});


And accessing cookies as follows:



app.get('/readCookies',function(req, res){

    res.send(req.cookies.cookie1);

});


But the problem is signed: true option when including this one for encoding cookie value during setting the cookie I am getting the following error:



Error: cookieParser("secret") required for signed cookies


Please help me and thanks in advance






node.js express cookies







share|improve this question















I am working on express/node.js and trying to understand cookies of expressjs and I'm setting cookie like this: 



var express = require('express');

var app = express();

var cookieParser = require('cookie-parser');

app.use(cookieParser());



app.get('/', function(req, res){

    res.cookie('cookie1', 'This is my first cooke', {maxAge: 1000*60*60*24*7, httpOnly: true});

    res.end('Cookie has been set');

});


And accessing cookies as follows:



app.get('/readCookies',function(req, res){

    res.send(req.cookies.cookie1);

});


But the problem is signed: true option when including this one for encoding cookie value during setting the cookie I am getting the following error:



Error: cookieParser("secret") required for signed cookies


Please help me and thanks in advance






node.js express cookies




node.js express cookies






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 11 at 15:28

























asked Nov 11 at 12:04









Bablu Ahmed

910519




910519












  • github.com/expressjs/cookie-parser#api
    – robertklep
    Nov 11 at 13:59










  • But how can I sign cookies? @robertklep
    – Bablu Ahmed
    Nov 11 at 14:30


















  • github.com/expressjs/cookie-parser#api
    – robertklep
    Nov 11 at 13:59










  • But how can I sign cookies? @robertklep
    – Bablu Ahmed
    Nov 11 at 14:30
















github.com/expressjs/cookie-parser#api
– robertklep
Nov 11 at 13:59




github.com/expressjs/cookie-parser#api
– robertklep
Nov 11 at 13:59












But how can I sign cookies? @robertklep
– Bablu Ahmed
Nov 11 at 14:30




But how can I sign cookies? @robertklep
– Bablu Ahmed
Nov 11 at 14:30












2 Answers
2






active

oldest

votes

















up vote
1
down vote



accepted










The error is explaining what you need to do to be able to send signed cookies:




Error: cookieParser("secret") required for signed cookies




The Express documentation states:




When using cookie-parser middleware, this method also supports signed cookies. Simply include the signed option set to true. Then res.cookie() will use the secret passed to cookieParser(secret) to sign the value.




The cookie-parser documentation states:




cookieParser(secret, options):





  • secret a string or array used for signing cookies. This is optional and if not specified, will not parse signed cookies. If a string is provided, this is used as the secret.




So everything combined:





  • install cookie-parser middleware:



    npm install cookie-parser



  • add it to the Express app:



    const cookieParser = require('cookie-parser');
    

    
...
    
app.use(cookieParser('MY SECRET'));



  • make it sign cookies:



    res.cookie('cookie1', 'This is my first cookie', { signed : true });



  • and read the cookie value back:



    res.send(req.signedCookies.cookie1);







share|improve this answer




























    up vote
    1
    down vote













    If you set signed:true option, you have to set secret key as string as parameter for cookieParser() as follows:



    var express = require('express');
    
var app = express();
    
var cookieParser = require('cookie-parser');
    
//Set secret key
    
app.use(cookieParser('your random secret string here'));
    

    
//Set/Write Cookies
    
app.get('/',function(req, res){
    
    res.cookie('cookie1', 'This is my first cookie', {signed:true, maxAge: 1000*60*60*24*7, httpOnly: true});
    
    res.end('Cookie has been set');
    
});


    Otherwise just leave it blank as follows:



    app.use(cookieParser());


    For accessing the signed cookie value, you can try as follows:



    //Read Cookies
    
app.get('/readCookies',function(req, res){
    
    res.send(req.signedCookies['cookie1']);
    
    //OR, req.signedCookies.cookie1
    
});


    Or, you can check cookies from your browser console as follows if you don't set httpOnly: true option:



    document.cookie


    For destroying cookies try as follows:



    //Remove Cookies
    
app.get('/removeCookies',function(req, res){
    
    res.clearCookie('cookie1');
    
    res.send("Cookie has been cleared");
    
});


    For more details please check res.cookie(name, value [, options])






    share|improve this answer























      Your Answer






      StackExchange.ifUsing("editor", function () {
      StackExchange.using("externalEditor", function () {
      StackExchange.using("snippets", function () {
      StackExchange.snippets.init();
      });
      });
      }, "code-snippets");

      StackExchange.ready(function() {
      var channelOptions = {
      tags: "".split(" "),
      id: "1"
      };
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function() {
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled) {
      StackExchange.using("snippets", function() {
      createEditor();
      });
      }
      else {
      createEditor();
      }
      });

      function createEditor() {
      StackExchange.prepareEditor({
      heartbeatType: 'answer',
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader: {
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      },
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      });


      }
      });














      draft saved

      draft discarded


















      StackExchange.ready(
      function () {
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53248541%2ferror-cookieparsersecret-required-for-signed-cookies%23new-answer', 'question_page');
      }
      );

      Post as a guest















      Required, but never shown

























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes








      up vote
      1
      down vote



      accepted










      The error is explaining what you need to do to be able to send signed cookies:




      Error: cookieParser("secret") required for signed cookies




      The Express documentation states:




      When using cookie-parser middleware, this method also supports signed cookies. Simply include the signed option set to true. Then res.cookie() will use the secret passed to cookieParser(secret) to sign the value.




      The cookie-parser documentation states:




      cookieParser(secret, options):





      • secret a string or array used for signing cookies. This is optional and if not specified, will not parse signed cookies. If a string is provided, this is used as the secret.




      So everything combined:





      • install cookie-parser middleware:



        npm install cookie-parser



      • add it to the Express app:



        const cookieParser = require('cookie-parser');
        

        
...
        
app.use(cookieParser('MY SECRET'));



      • make it sign cookies:



        res.cookie('cookie1', 'This is my first cookie', { signed : true });



      • and read the cookie value back:



        res.send(req.signedCookies.cookie1);







      share|improve this answer

























        up vote
        1
        down vote



        accepted










        The error is explaining what you need to do to be able to send signed cookies:




        Error: cookieParser("secret") required for signed cookies




        The Express documentation states:




        When using cookie-parser middleware, this method also supports signed cookies. Simply include the signed option set to true. Then res.cookie() will use the secret passed to cookieParser(secret) to sign the value.




        The cookie-parser documentation states:




        cookieParser(secret, options):





        • secret a string or array used for signing cookies. This is optional and if not specified, will not parse signed cookies. If a string is provided, this is used as the secret.




        So everything combined:





        • install cookie-parser middleware:



          npm install cookie-parser



        • add it to the Express app:



          const cookieParser = require('cookie-parser');
          

          
...
          
app.use(cookieParser('MY SECRET'));



        • make it sign cookies:



          res.cookie('cookie1', 'This is my first cookie', { signed : true });



        • and read the cookie value back:



          res.send(req.signedCookies.cookie1);







        share|improve this answer























          up vote
          1
          down vote



          accepted







          up vote
          1
          down vote



          accepted






          The error is explaining what you need to do to be able to send signed cookies:




          Error: cookieParser("secret") required for signed cookies




          The Express documentation states:




          When using cookie-parser middleware, this method also supports signed cookies. Simply include the signed option set to true. Then res.cookie() will use the secret passed to cookieParser(secret) to sign the value.




          The cookie-parser documentation states:




          cookieParser(secret, options):





          • secret a string or array used for signing cookies. This is optional and if not specified, will not parse signed cookies. If a string is provided, this is used as the secret.




          So everything combined:





          • install cookie-parser middleware:



            npm install cookie-parser



          • add it to the Express app:



            const cookieParser = require('cookie-parser');
            

            
...
            
app.use(cookieParser('MY SECRET'));



          • make it sign cookies:



            res.cookie('cookie1', 'This is my first cookie', { signed : true });



          • and read the cookie value back:



            res.send(req.signedCookies.cookie1);







          share|improve this answer












          The error is explaining what you need to do to be able to send signed cookies:




          Error: cookieParser("secret") required for signed cookies




          The Express documentation states:




          When using cookie-parser middleware, this method also supports signed cookies. Simply include the signed option set to true. Then res.cookie() will use the secret passed to cookieParser(secret) to sign the value.




          The cookie-parser documentation states:




          cookieParser(secret, options):





          • secret a string or array used for signing cookies. This is optional and if not specified, will not parse signed cookies. If a string is provided, this is used as the secret.




          So everything combined:





          • install cookie-parser middleware:



            npm install cookie-parser



          • add it to the Express app:



            const cookieParser = require('cookie-parser');
            

            
...
            
app.use(cookieParser('MY SECRET'));



          • make it sign cookies:



            res.cookie('cookie1', 'This is my first cookie', { signed : true });



          • and read the cookie value back:



            res.send(req.signedCookies.cookie1);








          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered Nov 11 at 14:53









          robertklep

          133k17231240




          133k17231240
























              up vote
              1
              down vote













              If you set signed:true option, you have to set secret key as string as parameter for cookieParser() as follows:



              var express = require('express');
              
var app = express();
              
var cookieParser = require('cookie-parser');
              
//Set secret key
              
app.use(cookieParser('your random secret string here'));
              

              
//Set/Write Cookies
              
app.get('/',function(req, res){
              
    res.cookie('cookie1', 'This is my first cookie', {signed:true, maxAge: 1000*60*60*24*7, httpOnly: true});
              
    res.end('Cookie has been set');
              
});


              Otherwise just leave it blank as follows:



              app.use(cookieParser());


              For accessing the signed cookie value, you can try as follows:



              //Read Cookies
              
app.get('/readCookies',function(req, res){
              
    res.send(req.signedCookies['cookie1']);
              
    //OR, req.signedCookies.cookie1
              
});


              Or, you can check cookies from your browser console as follows if you don't set httpOnly: true option:



              document.cookie


              For destroying cookies try as follows:



              //Remove Cookies
              
app.get('/removeCookies',function(req, res){
              
    res.clearCookie('cookie1');
              
    res.send("Cookie has been cleared");
              
});


              For more details please check res.cookie(name, value [, options])






              share|improve this answer



























                up vote
                1
                down vote













                If you set signed:true option, you have to set secret key as string as parameter for cookieParser() as follows:



                var express = require('express');
                
var app = express();
                
var cookieParser = require('cookie-parser');
                
//Set secret key
                
app.use(cookieParser('your random secret string here'));
                

                
//Set/Write Cookies
                
app.get('/',function(req, res){
                
    res.cookie('cookie1', 'This is my first cookie', {signed:true, maxAge: 1000*60*60*24*7, httpOnly: true});
                
    res.end('Cookie has been set');
                
});


                Otherwise just leave it blank as follows:



                app.use(cookieParser());


                For accessing the signed cookie value, you can try as follows:



                //Read Cookies
                
app.get('/readCookies',function(req, res){
                
    res.send(req.signedCookies['cookie1']);
                
    //OR, req.signedCookies.cookie1
                
});


                Or, you can check cookies from your browser console as follows if you don't set httpOnly: true option:



                document.cookie


                For destroying cookies try as follows:



                //Remove Cookies
                
app.get('/removeCookies',function(req, res){
                
    res.clearCookie('cookie1');
                
    res.send("Cookie has been cleared");
                
});


                For more details please check res.cookie(name, value [, options])






                share|improve this answer

























                  up vote
                  1
                  down vote










                  up vote
                  1
                  down vote









                  If you set signed:true option, you have to set secret key as string as parameter for cookieParser() as follows:



                  var express = require('express');
                  
var app = express();
                  
var cookieParser = require('cookie-parser');
                  
//Set secret key
                  
app.use(cookieParser('your random secret string here'));
                  

                  
//Set/Write Cookies
                  
app.get('/',function(req, res){
                  
    res.cookie('cookie1', 'This is my first cookie', {signed:true, maxAge: 1000*60*60*24*7, httpOnly: true});
                  
    res.end('Cookie has been set');
                  
});


                  Otherwise just leave it blank as follows:



                  app.use(cookieParser());


                  For accessing the signed cookie value, you can try as follows:



                  //Read Cookies
                  
app.get('/readCookies',function(req, res){
                  
    res.send(req.signedCookies['cookie1']);
                  
    //OR, req.signedCookies.cookie1
                  
});


                  Or, you can check cookies from your browser console as follows if you don't set httpOnly: true option:



                  document.cookie


                  For destroying cookies try as follows:



                  //Remove Cookies
                  
app.get('/removeCookies',function(req, res){
                  
    res.clearCookie('cookie1');
                  
    res.send("Cookie has been cleared");
                  
});


                  For more details please check res.cookie(name, value [, options])






                  share|improve this answer














                  If you set signed:true option, you have to set secret key as string as parameter for cookieParser() as follows:



                  var express = require('express');
                  
var app = express();
                  
var cookieParser = require('cookie-parser');
                  
//Set secret key
                  
app.use(cookieParser('your random secret string here'));
                  

                  
//Set/Write Cookies
                  
app.get('/',function(req, res){
                  
    res.cookie('cookie1', 'This is my first cookie', {signed:true, maxAge: 1000*60*60*24*7, httpOnly: true});
                  
    res.end('Cookie has been set');
                  
});


                  Otherwise just leave it blank as follows:



                  app.use(cookieParser());


                  For accessing the signed cookie value, you can try as follows:



                  //Read Cookies
                  
app.get('/readCookies',function(req, res){
                  
    res.send(req.signedCookies['cookie1']);
                  
    //OR, req.signedCookies.cookie1
                  
});


                  Or, you can check cookies from your browser console as follows if you don't set httpOnly: true option:



                  document.cookie


                  For destroying cookies try as follows:



                  //Remove Cookies
                  
app.get('/removeCookies',function(req, res){
                  
    res.clearCookie('cookie1');
                  
    res.send("Cookie has been cleared");
                  
});


                  For more details please check res.cookie(name, value [, options])







                  share|improve this answer














                  share|improve this answer



                  share|improve this answer








                  edited Nov 16 at 17:44

























                  answered Nov 11 at 15:02









                  w3outlook

                  2568




                  2568






























                      draft saved

                      draft discarded




















































                      Thanks for contributing an answer to Stack Overflow!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.





                      Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                      Please pay close attention to the following guidance:


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function () {
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53248541%2ferror-cookieparsersecret-required-for-signed-cookies%23new-answer', 'question_page');
                      }
                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      -

                      Popular posts from this blog

                      The Sandy Post

                      Image
                      The Sandy Post From Wikipedia, the free encyclopedia Jump to navigation Jump to search The Sandy Post Type Weekly Newspaper Format Tabloid Owner(s) Community Newspapers/Pamplin Media Group Publisher J. Mark Garber Editor Steve Brown Founded 1937  ( 1937 ) Headquarters Sandy, Oregon Circulation 3,800 Website www.pamplinmedia.com/sandy-post-home/ This article needs additional citations for verification . Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. (February 2010) (Learn how and when to remove this template message) The Sandy Post is a weekly newspaper, published in Sandy, Oregon, United States. The paper, founded in 1937, serves the communities of Sandy, Boring, the Villages at Mount Hood and the surrounding areas. The newspaper is owned by Community Newspapers/Pamplin Media Group, a company of ...
                      Read more

                      Danny Elfman

                      Image
                      Danny Elfman From Wikipedia, the free encyclopedia Jump to navigation Jump to search Danny Elfman Elfman at the 2010 San Diego Comic-Con Born Daniel Robert Elfman ( 1953-05-29 ) May 29, 1953 (age 65) Los Angeles, California, U.S. Spouse(s) Bridget Fonda ( m.  2003) Children 1 Musical career Genres Rock [1] ska [2] new wave film music video game music Occupation(s) Composer, singer, songwriter, record producer Instruments Trombone guitar percussion vocals keyboards [3] Years active 1972–present Associated acts Oingo Boingo James Newton Howard Daniel Robert Elfman (born May 29, 1953) is an American composer, singer, songwriter, and record producer. Elfman first became known for being the lead singer and songwriter for the band Oingo Boingo from 1974 to 1995. He is well known for scoring films and television shows, particularly his frequent collabora...
                      Read more

                      Pages that link to "Head v. Amoskeag Manufacturing Co."

                      Image
                      Help Pages that link to "Head v. Amoskeag Manufacturing Co." ← Head v. Amoskeag Manufacturing Co. Jump to navigation Jump to search What links here Page:   Namespace:  all (Article) Talk User User talk Wikipedia Wikipedia talk File File talk MediaWiki MediaWiki talk Template Template talk Help Help talk Category Category talk Portal Portal talk Book Book talk Draft Draft talk TimedText TimedText talk Module Module talk Gadget Gadget talk Gadget definition Gadget definition talk   Invert selection Filters Hide transclusions | Hide links | Hide redirects The following pages link to Head v. Amoskeag Manufacturing Co. External tools: Show redirects only View (previous 50 | next 50) (20 | 50 | 100 | 250 | 500) Amoskeag Manufacturing Company ‎ (links | edit) List of United States Supreme Court cases by the Waite Court ‎ (links | edit) Talk:Head v. Amoskeag Manuf...
                      Read more