Meteor browser-policy, IR Server side routes, and cookies


My application, at for example, uses a Iron Router server side route to process data and generate a pdf. Since it’s just a server side route, there’s no integration with the Meteor accounts package. Therefore I’m using the mrt:cookies package to handle tokens and to search the Meteor.users collection.

This works fine.

But once I install the Meteor browser-policy package, and added the following code:

// server/policy.js


 var trusted = [

 _.each(trusted, function(origin) {
   origin = "https://" + origin;

When I ran the server side route, I get what looks like a bunch of garbage returned, instead of a proper pdf like before.

What am I doing wrong?


Created a SO question on this here:


My server side route looks similar to this:

Router.route('/server-side-route', function(req, res) {
  var cookies = new Cookies(req),
  userId = cookies.get("meteor_user_id") || "",
  token = cookies.get("meteor_token") || "";

  //Check a valid user with this token exists
  var user = Meteor.users.findOne({
    _id: userId,
    'services.resume.loginTokens.hashedToken' : Accounts._hashLoginToken(token)


}, {name: 'get_stuff_done', where: 'server'});