I'm AJAXing a call to a another services API, which is then supposed to return a cookie that will be set in my browser to allow me to make the rest of my API calls.
However, while the response headers include a 'Set-Cookie' header, no cookie is ever actually set. I'm using Google Chrome.
Here is the Response Headers:
Access-Control-Allow-Origin:*
Cache-Control:no-cache
Connection:keep-alive
Content-Encoding:gzip
Content-Length:37
Content-Type:application/json
Date:Thu, 25 Jun 2015 18:27:37 GMT
Expires:Thu, 25 Jun 2015 18:27:36 GMT
Server:nginx/1.4.6 (Ubuntu)
Set-Cookie:sessionid=67cb9796aa794a4975b28876ea6dd3d5; expires=Thu, 09-Jul-2015 18:27:37 GMT; httponly; Max-Age=1209600; Path=/
Vary:Cookie
And here is the AJAX call:
$.ajax({
type: "POST",
crossDomain: true,
contentType: 'text/plain',
data: data,
url: urlhere
success: function(result, status, xhr){
console.log('hi');
console.log(xhr.getAllResponseHeaders());
},
error: function(xhr){
console.log(xhr.status);
console.log(xhr.statusText);
}
});
The Chrome resources page also shows that no cookie is being set. Any and all help would be greatly appreciated!
You need to append
withCredentials
to your XHR call, this answer shows how to do that with jQuery. https://stackoverflow.com/a/7190487 Without that additional flag, the browser will not accept a set-cookie header.