DEV Community 👩‍💻👨‍💻


Posted on

set cookies for cross origin requests

When http://portal sent a request to http://auth, http://auth failed to set user's cookie.

Set credential flag for request and modified the following response headers to fix it [1], [2]:

  • Access-Control-Allow-Origin (request.Header.Origin, no wildcard allowed)
  • Vary (Origin)
  • Access-Control-Allow-Credentials (true)

And we can followe w3schoool article to test cross domain request by browser console.

var xhttp = new XMLHttpRequest();
xhttp.onreadystatechange = function() {
};"GET", "http://auth", true);

Top comments (0)

Meeting a new developer

Stop by this week's meme thread!