CORS - cookie doesn't get sent or even set

StackOverflow https://stackoverflow.com/questions/18080659

  •  23-06-2022
  •  | 
  •  

문제

I have set withCredentials = true, and I get the following headers from the server 

Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,Origin,Referer
Access-Control-Allow-Methods:GET, POST, OPTIONS
Access-Control-Allow-Origin:.mydomain.com
Connection:keep-alive
Content-Type:application/json
Date:Tue, 06 Aug 2013 12:37:47 GMT
Server:nginx/1.1.19
Set-Cookie:sessionid=zjn8naedymjj6mm0aqjgxljbs3u1njzf; expires=Tue, 20-Aug-2013 12:37:47 GMT; httponly; Max-Age=1209600; Path=/
Transfer-Encoding:chunked
Vary:Cookie

but the cookie doesn't get set or transmitted on next request.

도움이 되었습니까?

해결책

It turned out that I can't just use .domain.com (wildcard) with Access-Control-Allow-Origin, and I have to use `http://exact.subdomain.example.com'

라이센스 : CC-BY-SA ~와 함께 속성
제휴하지 않습니다 StackOverflow
scroll top