0

Currently I am building a application using AngularJS 1.6 (http://localhost:8000), and Spring boot (http://localhost:8080). When the user log in, the spring boot api will add a cookie in the response, and I can see the cookie in the browser.

Then in another request to get the user, my backend code use

httpServletRequest.getCookies()

to get the cookie, but it always returns null.

When I used jsp and spring boot, it works well. So I am wondering if it is a cross domain issue.

In the backend, I already added the configuration:

response.setHeader("Access-Control-Allow-Origin", request.getHeader("Origin"));
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Content-Type, Accept, X-Requested-With, remember-me");

Can anyone give me some suggestions?

Thanks, Peter

sideshowbarker
  • 81,827
  • 26
  • 193
  • 197
PLee
  • 393
  • 9
  • 26
  • if you are using the cookie for validation, you can read the cookie from the frontend(angularjs) and add it to a header of the get user call. Then from backend(spring boot), you can try to read the cookie from the service call header. – simplelenz Aug 05 '18 at 17:27

1 Answers1

1

Did you try the withCredentials option in AngularJS?

If you add this configuration, the angular $http service will send the cookie when sending the request.

For example:

$http.post(url, {withCredentials: true, ...})

or add this configuration for all requests:

 angular.module('myApp')
 .config(['$httpProvider', function($httpProvider) {
  $httpProvider.defaults.withCredentials = true;
}])
  1. https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials
  2. AngularJS withCredentials
Fullstack Guy
  • 16,368
  • 3
  • 29
  • 44