Set-cookie标头不设置cookie跨域。 Cookie未保存

时间:2013-06-02 16:57:59

标签: http-headers cors setcookie

我正在尝试进行跨域请求。看起来所有标题都可以。但是cookie没有设置,我不知道为什么。是因为401服务器状态(无法访问更改服务器)还是因为请求是从http到https服务器?

这些是标题:

Request URL:https://domain/current-user
Request Method:GET
Status Code:401 Unauthorized

**Request Headers**
Accept:application/json, text/plain, */*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Cache-Control:no-cache
Connection:keep-alive
Host:app.domain.com
Origin:http://domain.com
Pragma:no-cache
Referer:http://domain.com/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.93 Safari/537.36

**Response Headers**
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:accept, origin, content-type, cookie
Access-Control-Allow-Methods:GET,POST
Access-Control-Allow-Origin:http://domain.com
Access-Control-Max-Age:1728000
Connection:keep-alive
Content-Encoding:gzip
Content-Type:text/html; charset=utf-8
Date:Sun, 02 Jun 2013 16:52:58 GMT
P3P:CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server:nginx/1.1.19
Set-Cookie:domain.ssid=s%3A7GcUvlVmeOgVF5sgyIHCjNn8.S%2FFDoCTOU5q4bT4zNQAECCGg%2FQmKkb9bT7Ee2KaLP2o; Path=/; Expires=Mon, 30 Sep 2013 16:52:58 GMT
Transfer-Encoding:chunked
Vary:Accept-Encoding
X-Cache:MISS
X-Powered-By:Express

1 个答案:

答案 0 :(得分:2)

尝试在请求中设置withCredentials,例如

var xhr = new XMLHttpRequest();
xhr.withCredentials = true;