Thanks a lot! First of all, it depends on whether or not you're using cookies to store the session id. express-session as we use it in the article works with cookies. In that case, you need the credentials header.
Depending on whether or not your frontend and backend are running on the same domain you might also use same-origin instead. Have a look here for all options.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Thanks a lot! First of all, it depends on whether or not you're using cookies to store the session id.
express-session
as we use it in the article works with cookies. In that case, you need the credentials header.Depending on whether or not your frontend and backend are running on the same domain you might also use
same-origin
instead. Have a look here for all options.