'Localhost frontend no longer sending cookie to development backend
I'm trying to connect my local frontend to our development backend hosted in aws. Everything used to work, and I'm going crazy trying to figure out what happened.
The issue is that the request to the backend isn't passing along the cookie we use for authentication.
We have cors setup and it appears to be working correctly. The Options call returns everything I'd expect
.
but the request just doesn't contain the cookie.
I'm setting the cookie via javascript in the frontend code rather than having the server itself set it. This setup used to work idk why it doesn't anymore.
What are the reasons why a browser wouldn't pass a cookie along?
My checklist includes:
- ensuring Access-Control-Allow-Credentials is passed back from the Options request
- ensure withCredentials is set on the frontend making the request
- ensuring the cookie domain is set to /
We recently added some CSRF protection but I disabled that and still can't get the cookie to be sent.
A soapui call to the backend works just fine.
Solution 1:[1]
The issue lied in the samesite cookie.
I deployed my development server to explicitly set samesite=none and things are working again.
Solution 2:[2]
axios({ method: "get", withCredentials: true,
});
adding withCredentials:true worked for me
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | moondc |
| Solution 2 | ABHAY MISHRA |