From 84961b11f75c968f09992973daae4a1dd038a969 Mon Sep 17 00:00:00 2001 From: Frostyfrog Date: Sat, 25 Nov 2023 19:40:10 -0700 Subject: [PATCH] Cleanup "bad" cookies (#102) * fix: Move cookie-parser to app layer Signed-off-by: Colton Wolkins (Laptop) * fix: remove cookies that shouldn't be set Not quite sure if it's possible to check the path of a cookie, but either way, we should remove old "bad" cookies that are set in people's browsers. This cleanup code should assist in that work. Signed-off-by: Colton Wolkins (Laptop) --------- Signed-off-by: Colton Wolkins (Laptop) --- src/index.js | 11 +++++++++++ src/routes/index.js | 1 - 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/src/index.js b/src/index.js index ed0c0f0..23c7af3 100644 --- a/src/index.js +++ b/src/index.js @@ -98,6 +98,7 @@ app.use((req, res, next) => { }) app.use(require('body-parser').urlencoded({ extended: true })) +app.use(require('cookie-parser')()); app.use(session({ secret: config.secret, resave: false, @@ -108,6 +109,16 @@ app.use(session({ }, name: 'christmas_community.connect.sid' })) +app.use((req, res, next) => { + let basepath = req.path.substring(0, req.path.lastIndexOf("/")); + + // Clear cookies for paths that are not the base path. See #17 + if(basepath.length > config.base.length) { + res.clearCookie('christmas_community.connect.sid', {path: req.path}); + res.clearCookie('christmas_community.connect.sid', {path: basepath}); + } + next(); +}); app.use(flash()) app.use(passport.initialize()) app.use(passport.session()) diff --git a/src/routes/index.js b/src/routes/index.js index 86e05d9..647da11 100644 --- a/src/routes/index.js +++ b/src/routes/index.js @@ -29,7 +29,6 @@ module.exports = ({ db, config }) => { const router = express.Router() router.use('/', express.static(path.join(__dirname, '../static'))) - router.use(require('cookie-parser')()) router.get('/', async (req, res, next) => {