I'm trying to figure out why Chrome (26.0.1410.64) and IE10 don't seem to recognize the cookie I set in my response from an ASP.NET Web API controller. Here is the situation:
I have a drop-down menu login form on my page that makes an ajax call to my Web API method (via HTTP POST) and that Web API method returns some JSON data and also sets a cookie in the response (using the HTTP headers). It works perfectly in Firefox and Safari (so, WebKit) but not in Chrome or IE. Chrome and IE appear to completely ignore the cookie that's sent back in the response. I've verified (using Fiddler) that the cookie is sent back on the response so I know it's there - I can't figure out why IE10 and Chrome don't pick it up though.
Any ideas? Does it have something to do with how Chrome and IE10 handle response cookies in ajax requests?
So I figured out the issue, although it's not something I really would like to accept as a solution. I guess I will just have to deal with it and always test the site on my local machine using Firefox.
So here's the issue:
When I run my site locally by running it from Visual Studio and IIS on my local machine, it creates a website at an address like
http://localhost:1839/. For some reason, ajax cookies get ignored by IE10 and Chrome when it's "localhost" - but not when it's a real-looking host name or IP Address. So if I edit my host file and create a generic entry like localhost.com and point it at 127.0.0.1:1839 then everything works fine in IE and Chrome (and Firefox still as well).
It's when I use the
localhost:1839 address that ajax cookie only works in Firefox.
So what I ended up doing was deploying my website to a different test IIS server (on another machine) that I have a test.mydomain.com entry in my local host file for - that points to the test IIS server's IP address. Now IE, Chrome and Firefox all accept the ajax cookie from this faked "test.mydomain.com" domain.
So for those of you sending cookies back on an ajax request - beware of this "localhost" issue with Chrome and IE.