CORS Cookie未保存在浏览器中

时间:2018-09-08 20:52:38

标签: http cookies browser cors

我有一个http端点,可以从我的客户端通过CORS访问。将请求发送到该URL时设置cookie。此Cookie到达客户端(Chrome开发工具的屏幕截图):

enter image description here

但是,它不会保存(Chrome的Cookies窗口中的截图):

enter image description here

为什么cookie不保存在浏览器中?我尝试过使用Chrome和Firefox,但行为相同。

响应标题:

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://localhost:4200
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Type: application/json;charset=UTF-8
Date: Sat, 08 Sep 2018 20:24:11 GMT
Expires: 0
Pragma: no-cache
Set-Cookie: guestId=79f0c026-c8f9-4820-a825-15381116d714; Max-Age=157680000; Expires=Thu, 07-Sep-2023 20:24:11 GMT
Transfer-Encoding: chunked
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

1 个答案:

答案 0 :(得分:0)

该请求应带有'withCredentials'标志。

例如在Angular2 +中:

const options = { withCredentials: true };
const dataObservable = this.http.get(url, options)