14

I have got CORS working on my current project, although one thing I cannot seem to get working correctly is the cookies.

Now I get the cookie fine, the server issues it and sends it down and firefox accepts it, I can see it in the firebug cookies section. However when I make subsequent calls to that service it doesnt seem to send the cookie in the header...

GET /some/entity/ HTTP/1.1
Host: localhost:1837
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101 Firefox/5.0
Accept: */*
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Connection: keep-alive
Referer: http://localhost:6879
Origin: http://localhost:6879

Do I need to do anything special with my ajax call?

var ajaxOptions = {
    url: serviceResourceUrl,
    type: "get",
    dataType: "json",
    success: successCallback,
    error: failedCallback,
    xhrFields: { withCredentials: true }
};

$.ajax(ajaxOptions);
sideshowbarker
  • 81,827
  • 26
  • 193
  • 197
somemvcperson
  • 1,263
  • 2
  • 18
  • 31

1 Answers1

10

Try using the beforeSend property instead of xhrFields. In your case:

var ajaxOptions = {
    url: serviceResourceUrl,
    type: "get",
    dataType: "json",
    success: successCallback,
    error: failedCallback,
    beforeSend: function(xhr){
      xhr.withCredentials = true;
    }
};

$.ajax(ajaxOptions);

You can learn more here: Sending credentials with cross-domain posts?

Community
  • 1
  • 1
monsur
  • 45,581
  • 16
  • 101
  • 95
  • 1
    I was originally trying to do it that way, but it wouldnt work at all. Saw a post on the xhrFields: {...} and that worked for retrieving cookies for me. Will try the other method again. – somemvcperson Jul 05 '11 at 21:26
  • 1
    Just tried it, still no luck. The cookie can be seen in firebug, it has correct expiration and domain. When debugging on the service there are no cookies :( – somemvcperson Jul 05 '11 at 21:33
  • Sorry for all the comments, but just double checked the domain and in firebug it reports localhost (which is partially correct), however the service in development is actually on localhost:1873. If i try to edit the cookie and put that domain in, it just ignores it and seems to keep only localhost. The server seems to set it correctly to... so is this possibly a bug with firefox? – somemvcperson Jul 05 '11 at 21:41
  • Given you answer, although the xhrFields{} works and beforeSend:... didnt for me. The underlying problem here was solved by not having the server set the cookies domain, and letting the client infer it. – somemvcperson Jul 09 '11 at 21:12