You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I don't want to consider this breaking in v4, but ultimately because even an empty cookie can have semantic meaning, it is
I think it's debateable whether or not this is truly breaking in v4. I understand it is a change in implementation, but I think the implementation was bugged from the start.
You can define breaking as anything needing consumers to update their code. If folks had come to rely on the behavior here, for removing the value of a cookie and then resetting the expires into the future, then yes that would be breaking, and folks would have to update their code to use res.cookie to set a new cookie without a value.
Unfortunately, even a cookie without a value can have semantic meaning in some applications. So ughhh I guess this is breaking. I think it's a bug in v4, but it would indeed be a breaking change if someone went screwball and used this behavior on purpose in their application. Hmmmm.
I guess we can deprecate this behavior in v4 and then remove it in v5 for SURE.
The text was updated successfully, but these errors were encountered:
deprecate accepting
maxAge
andexpires
in CookieOptions passed tores.clearCookie
.See #4852 (comment)
The text was updated successfully, but these errors were encountered: