javascript - jQuery does not send Cookie to server -
cross-domain problem. http same domain https.
server requires x-requested-with header set in jquery ajax options:
'headers': {'x-requested-with': 'xmlhttprequest'} jquery sends option then:
options /my/test/ http/1.1 host: www.my.dev origin: http://www.my.dev access-control-request-method: post access-control-request-headers: x-requested-with server responds:
http/1.1 200 ok access-control-allow-origin: * access-control-allow-methods: get, post access-control-allow-headers: x-requested-with access-control-allow-credentials: true then jquery sends "actual" request:
post /my/test/ http/1.1 host: www.test.dev x-requested-with: xmlhttprequest origin: http://www.test.dev cookie header missing!
server responds with:
http/1.1 403 forbidden content-type: application/json set-cookie: sessid=3tg8svt3lrv97v155uv2kqr3o2; expires=sat, 25-apr-2015 17:35:13 gmt; max-age=259200; path=/ adding
'xhrfields': { 'withcredentials': true }, 'crossdomain': { 'crossdomain': true }, to jquery ajax options results in jquery not sending actual request @ all, options.
how send cookie? @ least confirm cookies sent in similar setup?
made work.
some important notes:
crossdomainnot seem anything- if have
withcredentialsin ajax options not haveaccess-control-allow-credentialsinoptionsresponse actual request not made - if not have
withcredentialsjquery not sendcookieheader - if not send
cookiein actual request server not sendaccess-control-allow-origin,access-control-allow-credentialsheaders back - response actual request must have
access-control-allow-origin,access-control-allow-credentialsheaders - otherwise jquery not parse response body (though sees response code , headers alright) , throws error console - having cookie domain not set not change anything
- headers letter case not matter though jquery lowercases forced header name
ps
- i'm not sure guess jquery not add special here jquery = browser
- server: nginx 1.7.6, php 5.5.24; browsers: ff31, chrome42; jquery 2.0.3
Comments
Post a Comment