2

I am building a web application using ASP.NET Web API and SignalR. I have a pretty good understanding of HTTP but this problem is beyond me.

Currently, I am setting a cookie on all AJAX requests to this API. Subsequent AJAX requests to the API send the cookie without issue.

However, I would like this cookie to also be used in the SignalR requests that establish a connection, but according to Chrome, the cookie is not being sent in these requests. I have the cookie set as HTTPOnly. Currently, everything is running locally; all requests go to localhost:port. The domain on the cookie is being set to localhost as well.

My SignalR connections look like this:

var connection = $.connection("/updates");
/* set handlers here */
connection.start(function () {
    console.log("connection started!");
});

It seems as if Chrome thinks this is a CORS request and is withholding the cookies. The requests are on the same domain however, so this does not make much sense.

abrodersen
  • 153
  • 2
  • 9
  • Are you requesting the cookie from your hub? Like: cookie = Context.RequestCookies["sid"];? – Johan B Jan 10 '13 at 10:01
  • I'm using plain old PersistantConnections. The issue turned out to be how my cookies were configured. See my answer. Thanks for the suggestion, though. – abrodersen Jan 10 '13 at 22:24

1 Answers1

2

Turns out I don't understand cookies well enough. Browsers seem to have trouble handling TLDs like localhost as the cookie domain. Therefore, I left the domain undefined, so that the cookie will default to the domain of the request.

However, the path parameter needed to be set to / in order to make sure the cookie is sent in all requests.

Once I made these changes, everything worked as expected, and my cookies were plainly visible in SignalR.

abrodersen
  • 153
  • 2
  • 9