0

I have an anchor element like this

<a class="head-buttons" href="https://clearsession.bkoo.org">Sign Out</a>

and in my header element, I am setting the cookie like this

ngOnInit() {
    document.cookie = "redirect=https://testqa.bkoo.org"
    document.cookie = "path=/";
    document.cookie = "domain=bkoo.org";
    document.cookie = "max-age=-1";
}

What I want to achieve is to send a cookie to https://clearsession.bkoo.org, and the server will read that redirect key in the cookie and will redirect to that URL. However, when I check the cookie in the chrome inspection, the domain=bkoo.org is set as a key value, not as a "Domain". The "Domain" is set as the URL of the application which is testqa.bkoo.org, not bkoo.org. Is there a way to do this on the front end? If I edit my Domain from the Chrome inspector, clearsession.bkoo.org accepts the redirect key from the cookie and it redirects to that URL correctly.

In my old application, the Java controller on the backend sends the response header with the "Set-Cookie:" property but we are getting rid of the JSP shell

BKoo
  • 95
  • 3
  • 13
  • I don't think this is related to Angular. This is more of a javascript question and a security concern. If you want the cookie to mimic the contract your server has for a correct domain then you probably need a proxy on your end of where you host your application. so http://foo.com = localhost. Something along those lines – Nico Mar 08 '19 at 18:04

1 Answers1

0

Try this

domain Optional The domain from where the cookie will be readable. E.g., "example.com", ".example.com" (includes all subdomains) or "subdomain.example.com"; if not specified, defaults to the host portion of the current document location (string or null).

Refer to https://developer.mozilla.org/en-US/docs/Web/API/Document/cookie/Simple_document.cookie_framework

Creating a JavaScript cookie on a domain and reading it across sub domains

Nikhil Walvekar
  • 510
  • 3
  • 9