AJAX 无法在 CORS 请求后在浏览器上设置 Cookie。 Set-Cookie 标头仅存在于 FireFox 中,不存在于 Chrome 中
[英]AJAX fails to set Cookies on browser after CORS request. Set-Cookie header is present only in FireFox, not in Chrome
问题描述
I am sending an AJAX request using JQuery to a NodeJS server, which SHOULD be setting cookies back to the client without a problem, but it's NOT.
我正在使用 JQuery 向 NodeJS 服务器发送 AJAX 请求,该服务器应该毫无问题地将 cookie 设置回客户端,但事实并非如此。 I can see the Set-Cookie headers in the response, yet skimming the document.cookie string does NOT contain my cookies,.我可以在响应中看到Set-Cookie标头,但略读document.cookie字符串不包含我的 cookie。 If anyone could take a look over this code, I would much appreciate it.如果有人能看一下这段代码,我将不胜感激。
Request Code:请求代码:
$.ajax({
type: "POST",
url: "https://my-site/mailcamp",
contentType: "application/json",
dataType: "json",
processData:false,
data: JSON.stringify(reqBody),
success: function (data) {
console.log(data);
},
xhrFields: { withCredentials: true },
crossDomain: true,
})
Server Response:服务器响应:
app.use('/*', function(req, res, next) {
res.header("Access-Control-Allow-Origin", "https://www.texashunterproducts.com");
res.header("Access-Control-Allow-Headers", "Origin, x-access-token, x-user-pathway, x-mongo-key, X-Requested-With, Content-Type, Accept");
res.header("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT");
res.header("Access-Control-Allow-Credentials", true);
next();
});
router.route('/mailcamp')
.post(async (req, res, next) => {
try {
res.setHeader('Set-Cookie', [`texaspopup=true`]);
res.cookie("texcookienowpopupnow", "trueasheck")
res.send("Send me dem cookiez");
} catch(err) { next(err) }
})
I'm just NOT getting this in document.cookie.我只是没有在 document.cookie 中得到这个。 I have some strange inconsistencies:我有一些奇怪的矛盾:
I can clearly see the Set-Cookie response header in FireFox Network Tab:我可以清楚地看到 FireFox 网络选项卡中的Set-Cookie响应标头:
However, it is completely missing in Chrome!然而,它在 Chrome 中完全没有!
I'm not able to find the cookie when parsing document.cookie at all.我根本无法在解析document.cookie时找到 cookie。 I've copy+pasted the contents of document.cookie and can not find my key/value pair using ctrl+f .我复制并粘贴了document.cookie的内容,但无法使用ctrl+f找到我的键/值对。 Why?为什么? What's going on here?这里发生了什么? It shouldn't be hidden because I'm not adding Httponly markers on the cookie, and I'm sending it directly to the domain that I am querying from.它不应该被隐藏,因为我没有在 cookie 上添加Httponly标记,而是将它直接发送到我正在查询的域。
1 个解决方案
解决方案1
0 已采纳 2018-12-16 01:40:51
This was a foolish problem.这是一个愚蠢的问题。 It's a third party cookie.这是第三方 cookie。 While it is set by an external domain, it can't be read by the receiver via doc.cookies, only when browsing to the domain from which the cookie was sent.虽然它是由外部域设置的,但接收者不能通过 doc.cookies 读取它,只有在浏览到发送 cookie 的域时才能读取。 I ended up using code from this source to set a cookie locally within the client, as well as sending the subsequent request to accomplish the server action:我最终使用此来源的代码在客户端本地设置 cookie,并发送后续请求以完成服务器操作:
https://developer.mozilla.org/en-US/docs/Web/API/Document/cookie/Simple_document.cookie_framework https://developer.mozilla.org/en-US/docs/Web/API/Document/cookie/Simple_document.cookie_framework
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.