Comments (19)
Yup agree that will solve the issue
from sveltekit-flash-message.
Yes, I think it's better to make a SvelteKit issue for this, to avoid any problems if they change things in the future. Maybe even suggest that dev
is a better check instead of the hostname.
from sveltekit-flash-message.
Does it work if you don't use the event-style toast message, but just displaying it on the page?
from sveltekit-flash-message.
Try the RC 2 now, and see if it's worknig better.
from sveltekit-flash-message.
RC2 has stopped duplication.
For some reason I am still not seeing a flash message when the user is logged out after changing their password.
RC2 has fixed the issue where the flash message would appear when the user logs back in with the new password.
However now the flash message never appears.
from sveltekit-flash-message.
I think I've narrowed the issue down to the use of an inner layout.
My folder looks like this:
src/routes/
│ settings/
│ ├ details/
│ ├ preferences/
│ ├ changepassword/
│ ├ +layout.server.ts
│ └ +layout.svelte
├ admin/
├ +layout.server.ts
└ +layout.svelte
So when I trigger the redirect with flash message from within the changepassword route it hits the inner layout.server.ts which does not have export const load = loadFlashMessage(async (event) => {}
code.
My most parent layout does.
Does my inner layout need this as well?
from sveltekit-flash-message.
I'm not sure, if you're passing the parent layout data to the inner layout, I don't think it's needed.
from sveltekit-flash-message.
I have the same issue with this one and #10, I guess something is off. I will try and reproduce this.
@Josh-Nicholson have you been able to fix this?
from sveltekit-flash-message.
@ciscoheat I believe the issue is this one: https://stackoverflow.com/questions/74915712/sveltekit-cookies-set-in-form-action-not-working
And I am able to fix it with a patch like this:
diff --git a/node_modules/sveltekit-flash-message/dist/server.js b/node_modules/sveltekit-flash-message/dist/server.js
index abda090..283cf5d 100644
--- a/node_modules/sveltekit-flash-message/dist/server.js
+++ b/node_modules/sveltekit-flash-message/dist/server.js
@@ -84,10 +84,10 @@ function realRedirect(status, location, message, event) {
return redir(status, location.toString());
if (!event)
throw new Error('RequestEvent is required for redirecting with flash message');
- event.cookies.set(cookieName, JSON.stringify(message), { httpOnly, path, maxAge });
+ event.cookies.set(cookieName, JSON.stringify(message), { httpOnly, path, maxAge, secure: false });
return redir(status, location.toString());
}
export function setFlash(message, event) {
const cookies = 'cookies' in event ? event.cookies : event;
- cookies.set(cookieName, JSON.stringify(message), { httpOnly, path, maxAge });
+ cookies.set(cookieName, JSON.stringify(message), { httpOnly, path, maxAge, secure: false });
}
I was using Brave to run the application. Seems like this is something need to be addressed?
from sveltekit-flash-message.
I'm not sure about the security implication of forcing insecure cookies. Does it only apply when using localhost?
from sveltekit-flash-message.
I'm not sure about the security implication of forcing insecure cookies. Does it only apply when using localhost?
I am not sure as well, and seems to be browser specific. If we are designing this package to be only used with SvelteKit, I think we can use import { dev } from '$app/environment';
, and secure: dev ? false : true
. I guess every website in production will be in https and the cookie can be secure
from sveltekit-flash-message.
Yes, that was what I was thinking as well. If the problem occurs only in dev/localhost, that is?
from sveltekit-flash-message.
The SvelteKit default settings for the secure option is here. Can you check if it works with setting secure to:
dev && location.protocol === 'http:' ? false : true
from sveltekit-flash-message.
@ciscoheat I guess it has to be url.hostname === 'localhost' || url.protocol === 'http:'
, or even just url.protocol === 'http:'
. It is not unusual to use 0.0.0.0
instead of localhost
for development, when the backend is in Docker/K8s and you need to send cookies in that domain
from sveltekit-flash-message.
I'm curious, since it didn't work for you, do you see any problem with the SvelteKit default value for secure, which may have caused you the problem?
url.hostname === 'localhost' && url.protocol === 'http:' ? false : true
from sveltekit-flash-message.
I'm curious, since it didn't work for you, do you see any problem with the SvelteKit default value for secure, which may have caused you the problem?
url.hostname === 'localhost' && url.protocol === 'http:' ? false : true
Oh I didn't see any log for that, and I guess there will be no log on server if the cookie cannot be set? Anyway my issue is I am running sveltekit in http://0.0.0.0:8000
, thats why it does not work.
But indeed if that is the default, maybe the change should be made upstream in Sveltekit. I thought the link was coming from this package previously and you tried to fix it. Sorry for the confusion for my replies
from sveltekit-flash-message.
@winston0410 Did you have time to make a issue for SvelteKit about this?
from sveltekit-flash-message.
nope sorry I havn't done that yet
from sveltekit-flash-message.
Closing this, as it's a SvelteKit issue.
from sveltekit-flash-message.
Related Issues (20)
- Example for flashCookieOptions HOT 7
- Flash Messages Not Working HOT 5
- Error when using vitest 0.34.1 - Failed to resolve entry for package "sveltekit-flash-message". HOT 3
- Flash message not appearing when using layout groups. HOT 2
- Firefox Warning: Misuse of the SameSite Cookie Attribute HOT 3
- setFlash not working HOT 3
- Persistent Flash store data after server redirect HOT 12
- flash store undefined after redirect HOT 1
- Identifier 'load' has already been declared HOT 8
- Error: getFlash options can only be set at the first call to getFlash. HOT 9
- feature request: consider adhering to SvelteKit 2.0 practices regarding (not) throwing errors/redirects HOT 3
- chore: update SvelteKit `peerDependency`
- Persistant error after HTTP 500 status: `getFlash options can only be set once, at a top-level component` HOT 5
- `redirect` with two parameters does not work with type `Cookies` HOT 1
- Suggestion: improve `getFlash` options HOT 1
- No redirect option to another page within form action? HOT 2
- any support in PageServerLoad? HOT 2
- Could not show flash message when redirecting. HOT 14
- Feature Request: More properties to work better with svelte-sonner HOT 2
- flash does not trigger. HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sveltekit-flash-message.