When http://portal
sent a request to http://auth
, http://auth
failed to set user's cookie.
Set credential flag for request and modified the following response headers to fix it [1], [2]:
- Access-Control-Allow-Origin (request.Header.Origin, no wildcard allowed)
- Vary (Origin)
- Access-Control-Allow-Credentials (true)
And we can followe w3schoool article to test cross domain request by browser console.
var xhttp = new XMLHttpRequest();
xhttp.onreadystatechange = function() {
console.log(this);
};
xhttp.open("GET", "http://auth", true);
xhttp.send();
Top comments (0)