0

I have a SignalR JavaScript client (https://domainA.com) talking to a SignalR Api (https://domainB.com). Signalr version 2.2.0. I need to pass in a token via a cookie to the Api. While this works in dev it doesn’t work when deployed to an Azure App Service. The cookie is not being sent along with the requests.

JavaScript Code 

//Set cookie
document.cookie = "DomainAToken=" + token + "; domain=domainA.com; path=/";

//call signalr hub
$.connection.hub.start({
    withCredentials: true
}).done(init);

I am setting the CORS policy on the Api. Owin Startup:

var policy = new CorsPolicy
{
    AllowAnyHeader = true,
    AllowAnyMethod = true,
    SupportsCredentials = true
};

policy.Origins.Add("https://domainA.com");

app.Map("/signalr", map =>
{    
    map.UseCors(new CorsOptions
    {
        PolicyProvider = new CorsPolicyProvider
        {
            PolicyResolver = context => Task.FromResult(policy)
        }
    });
    map.RunSignalR(hubConfiguration);
});

Returning the response headers as follows.

Access-Control-Allow-Credentials: true Access-Control-Allow-Origin: https://domainA.com

In localhost it works, but on Azure, the cookie is not set. Is there no way to make cookies work cross domain with signalr?

sideshowbarker
  • 81,827
  • 26
  • 193
  • 197
webdevbing
  • 322
  • 1
  • 3
  • 12

1 Answers1

0

Just ran into something that might be the reason..

If you are using this on the default azurewebsites.net domain, the reason it won't work is because browsers block setting cookies on certain domains. For reference see this:

https://publicsuffix.org/list/effective_tld_names.dat

Also this SO answer:

Creating a javascript cookie on a domain and reading it across sub domains

Community
  • 1
  • 1
Jliu
  • 1
  • 1
  • Yes using a custom dns was how I solved the issue. It wasn't working with azurewebsites.net. As Marco mentioned if you post the essential parts of the answer I'll be happy to mark it as the correct answer. – webdevbing Dec 04 '16 at 03:53