Why are the cookies are being sent with every request but not visible in browser console or with document.cookie?

huangapple go评论86阅读模式
英文:

Why are the cookies are being sent with every request but not visible in browser console or with document.cookie?

问题

我有一个非常奇怪的问题,我在我的Angular 7项目中使用express服务器在浏览器中设置cookie,然后API调用后应该发送带有cookie的请求。响应头显示cookie已经设置,后续API调用的请求头显示cookie已经被发送。但问题是,cookie在浏览器开发者控制台或document.cookie的输出中不可见。下面附上了设置cookie的响应头的截图:

Why are the cookies are being sent with every request but not visible in browser console or with document.cookie?

在进行进一步的API调用时,以下是附加的请求头:

Why are the cookies are being sent with every request but not visible in browser console or with document.cookie?

这个问题未解决该问题,因为HttpOnly cookie只有1个,即使是HttpOnly cookie也应该在浏览器开发者控制台上显示。

英文:

I have a very strange problem, I am using an express server to set cookies in my Angular 7 project in the browser and later API calls are supposed to send cookies with them. The response header shows that the cookie is being set and request headers of later API calls show that the cookies are being sent. But the problem is the cookies are not visible in the Browser Developer console or as the output of document.cookie. Below attached is the screenshot of response header for setting cookies:

Why are the cookies are being sent with every request but not visible in browser console or with document.cookie?

Below is the request header attached while making further API calls:

Why are the cookies are being sent with every request but not visible in browser console or with document.cookie?

This question does not resolve the issue as HttpOnly cookie is only 1 out of 3 and even the HttpOnly cookies should be displayed on the browser developer console.

答案1

得分: 4

The cookie's domain should match the domain of the UI app to be seen in developer tools. If the cookie is dropped in api.domain.com and app is in ui.domain.com then via developer tools you can only see cookies in ui.domain.com. You can try explicitly setting the cookie domain to domain.com to see them in dev tools.

英文:

The cookie's domain should match the domain of the UI app to be seen in developer tools. If the cookie is dropped in api.domain.com and app is in ui.domain.com then via developer tools you can only see cookies in ui.domain.com. You can try explicitly setting the cookie domain to domain.com to see them in dev tools

答案2

得分: 0

此外,您可以使用通配符为 domain 属性设置您的 cookie,例如:.domain.com

英文:

In addition, you can set your cookie with a wildcard for the domain property, eg: .domain.com.

huangapple
  • 本文由 发表于 2020年1月3日 15:24:21
  • 转载请务必保留本文链接:https://go.coder-hub.com/59574674.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定