38

I want to know if, when I make a $.post(...) with jQuery, is any cookie sent to the server in the post request?

Thanks!

Waylon Flinn
  • 19,969
  • 15
  • 70
  • 72
ramayac
  • 5,173
  • 10
  • 50
  • 58
  • 2
    If you use Firebug, you can look in the "Console" area to see any requests being made. Look in the headers for cookie data. – Nathan Long Oct 07 '09 at 20:16

5 Answers5

59

Cookies are sent with Ajax requests.

When the HTTPOnly flag is set for a cookie, this cookie is hidden from client-side scripts, but the cookie is still sent with Ajax requests.

Ayman Hourieh
  • 132,184
  • 23
  • 144
  • 116
  • 3
    HTTPOnly doesn't affect AJAX/HTTP requests, it only hides the cookie from the client-side script. It will still be sent to the server. – Christian Davén Sep 08 '09 at 17:31
2

Using the same cookies on the client and the server is not possible when you have httpOnlyCookies switched on. There is very good reason switch this on too:

http://www.codinghorror.com/blog/archives/001167.html

Chris Simpson
  • 7,821
  • 10
  • 48
  • 68
  • 2
    This is incorrect. Have a look at this question for a really good explanation of HTTPOnly+AJAX: http://stackoverflow.com/questions/27972/are-httponly-cookies-a-viable-option-for-an-ajax-website – Christian Davén Sep 08 '09 at 17:32
2

Using Firefox+Firebug you can see exactly what jQuery sends, and how. Useful for debugging!

MSpreij
  • 1,142
  • 13
  • 20
1

Sorry to be a wet blanket, but I'm going to contradict the positive vibes here and say NO.

I'm currently building an app using $.post to connect to my API backend, which is powered by Express and node.js. I'm using the Express cookie parser middleware to read cookies sent over in each request. If I hit my endpoint directly via the browser the backend server can see the cookies visible on my domain. However, when I use $.post in my app the cookie object is just blank.

It's possible I'm missing something but I've been testing this for the last couple hours and the conclusion I've come to is that cookies are simply not sent using a jQuery $.post request :/

briznad
  • 913
  • 1
  • 7
  • 10
  • Try with a typical html post. Your cookie debugger sounds screwy. Whether cookies are sent or not is a browser decision, not script/jquery. – Chris Moschini Oct 20 '11 at 00:03
  • 9
    This is because you're doing a cross-domain request, and cookies are not sent with cross-domain XHR requests. http://stackoverflow.com/questions/7911710/jquery-ajax-call-not-sending-cookie – Josh Jun 26 '12 at 15:01
0

One thing to consider is cookie path. If an ajax-loaded script sets a cookie then its path may be different than the parent page, putting it in a different scope for some server applications or JQuery. I spent a while today spinning my wheels on this then noticed the cookies I was having trouble reading had a different path set.

Simple fix for me was to set the path of all cookies to / with jquery in my ajax request like so:

 $.cookie("isolates_grid_tgl", "true", { path: "/" });

firebug cookies view

111
  • 1,788
  • 1
  • 23
  • 38