后端服务器是JBOSS,前端是角度5,withCredentials = true。两个cookie字段是LSV和JSESSIONID。令牌用于登录。在此请求中,请求标头和响应标头
Cookie: LSV=0; JSESSIONID=BPqD8YMn7q5IIgD5JomHPdnZVXxbC924UedeDqaB.xxx-sit-test02-p0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: accept, authorization, content-type, x-requested-with, token, appid, user
Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: http://localhost
Access-Control-Max-Age: 1
Connection: keep-alive
Content-Length: 91
Content-Type: application/json
Cookie: LSV=0; JSESSIONID=BPqD8YMn7q5IIgD5JomHPdnZVXxbC924UedeDqaB.xxx-sit-test02-p0
Date: Wed, 16 May 2018 12:10:26 GMT
Server: JBoss-EAP/7
TSGNode: xxx-sit-test02-p0
X-Powered-By: Undertow/1
Accept: application/json
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Connection: keep-alive
Cookie: LSV=0; JSESSIONID=BPqD8YMn7q5IIgD5JomHPdnZVXxbC924UedeDqaB.xxx-sit-test02-p0
Host: http://localhost
Referer: http://localhost:4200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36
但下一个请求是在没有LSV的情况下发送的。
Cookie: JSESSIONID=BPqD8YMn7q5IIgD5JomHPdnZVXxbC924UedeDqaB.xxx-sit-test02-p0
我认为这些cookie是由浏览器控制的。我想知道为什么缺少一个饼干。任何可能的原因?
答案 0 :(得分:1)
响应标头的set-cookie必须在请求LSV时添加 path = / 。之后,所有请求都会在请求标头中以正确的cookie发送。