Set-Cookie header not setting cookie in Chrome

Question

I'm AJAXing a call to a another services API, which is then supposed to return a cookie that will be set in my browser to allow me to make the rest of my API calls.

However, while the response headers include a 'Set-Cookie' header, no cookie is ever actually set. I'm using Google Chrome.

Here is the Response Headers:

Access-Control-Allow-Origin:*
Cache-Control:no-cache
Connection:keep-alive
Content-Encoding:gzip
Content-Length:37
Content-Type:application/json
Date:Thu, 25 Jun 2015 18:27:37 GMT
Expires:Thu, 25 Jun 2015 18:27:36 GMT
Server:nginx/1.4.6 (Ubuntu)
Set-Cookie:sessionid=67cb9796aa794a4975b28876ea6dd3d5; expires=Thu, 09-Jul-2015 18:27:37 GMT; httponly; Max-Age=1209600; Path=/
Vary:Cookie

And here is the AJAX call:

$.ajax({
            type: "POST",
            crossDomain: true,
            contentType: 'text/plain',
            data: data,
            url: urlhere 
            success: function(result, status, xhr){
                console.log('hi');
                console.log(xhr.getAllResponseHeaders());
            }, 
            error: function(xhr){
                console.log(xhr.status);
                console.log(xhr.statusText);
            }
});

The Chrome resources page also shows that no cookie is being set. Any and all help would be greatly appreciated!

Answer 1

You need to append withCredentials to your XHR call, this answer shows how to do that with jQuery. https://stackoverflow.com/a/7190487 Without that additional flag, the browser will not accept a set-cookie header.