I am trying to set a cookie for an API that runs on localhost:4000in a web application hosted on localhost:3000.
I seem to get the correct response headers in the browser, but unfortunately they have no effect. These are the response headers:
HTTP / 1.1 200 OK
Access-Control-Allow-Origin: http: // localhost: 3000
Vary: Origin, Accept-Encoding
Set-Cookie: token = 0d522ba17e130d6d19eb9c25b7ac58387b798639f81ffe75bd449afbc3cc715d6b038e426adeac3316f0511dc7fae3f7; Max-Age = 86400; Domain = localhost: 4000; Path = /; Expires = Tue, 19 Sep 2017 21:11:36 GMT; HttpOnly
Content-Type: application / json; charset = utf-8
Content-Length: 180
ETag: W / "b4-VNrmF4xNeHGeLrGehNZTQNwAaUQ"
Date: Mon, 18 Sep 2017 21:11:36 GMT
Connection: keep-alive
Moreover, I see a cookie under Response Cookieswhen I check traffic using the "Network" tab of the Chrome developer tools. However, I don’t see the cookie being set on the “Application” tab in the section Storage/Cookies. I do not see CORS errors, so I assume that I am missing something else.
Any suggestions?
Update I:
I use the request module in a React-Redux application to request an endpoint request to /signinthe server. For the server I use express.
Express server:
res.cookie ('token', 'xxx-xxx-xxx', {maxAge: 86400000, httpOnly: true, domain: 'localhost: 3000'})
Request in browser:
request.post ({uri: '/ signin', json: {userName: 'userOne', password: '123456'}}, (err, response, body) => {
// doing stuff
})II:
, , , . . Access-Control-Allow-Credentials, Access-Control-Allow-Headers, Access-Control-Allow-Methods Access-Control-Allow-Origin. , Axios github, , . , ...
