https://stackoverflow.com/questions/18080659
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianIt turned out that I can't just use .domain.com (wildcard) with Access-Control-Allow-Origin, and I have to use `http://exact.subdomain.example.com'
CORS - cookie doesn't get sent or even set
题
I have set withCredentials = true, and I get the following headers from the server
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,Origin,Referer
Access-Control-Allow-Methods:GET, POST, OPTIONS
Access-Control-Allow-Origin:.mydomain.com
Connection:keep-alive
Content-Type:application/json
Date:Tue, 06 Aug 2013 12:37:47 GMT
Server:nginx/1.1.19
Set-Cookie:sessionid=zjn8naedymjj6mm0aqjgxljbs3u1njzf; expires=Tue, 20-Aug-2013 12:37:47 GMT; httponly; Max-Age=1209600; Path=/
Transfer-Encoding:chunked
Vary:Cookie
but the cookie doesn't get set or transmitted on next request.
解决方案
不隶属于 StackOverflow
