Swastik Pareek Swastik Pareek - 6 months ago 74
Javascript Question

CORS - Server side cookie is not getting saved on chrome browser

There is a node server which on accepting correct credentials of a user, passport js creates and sends a session cookie in request header by name of set-cookie.

But when I do an ajax request from my chrome browser accepts the request it doesn't adds the cookie on the client side . so when a new request generates from client side , the server doesn't authenticates it and throws 401.

I am confused whether it is a browser issue or an I am missing something from AJAX request

Please help.

Answer

Thanks for your answers . I was trying it withCredentials thing , but the session cookie was not getting set on my local.

The reason I figured out was the allowed origins. I need to set the allowed origins at the backend.

The XHR by is a secure request if passed with credentials property. So the client side browser only save the cookie if the allowed origin matches request origin.

So the simple fix was to change the host to something which matches to allowed origin .

At node end I need to do origin: 'domain.com' and at the front end I need to set my server (localhost) to point to test.domain.com. and bingo . It worked.!