DWQA QuestionsCategory: ProgramThe set cookie cannot be written to the local
tata_d2 asked 4 months ago

Problem description
After receiving the set cookie, it cannot be written to the local. The domain is useless
The HTTP request is shown in the figure below
clipboard.png
clipboard.png
clipboard.png
Server code

var cookieParser = require( 'cookie-parser' );
app.use( cookieParser() );

var allowCrossDomain = function( req, res, next ) {
    res.header( 'Access-Control-Allow-Origin', '*' );
    res.header("Access-Control-Allow-Headers", "Content-Type,Content-Length, Authorization, Accept,X-Requested-With"); 
    res.header("Access-Control-Allow-Methods","PUT,POST,GET,DELETE,OPTIONS"); 
    res.header('Access-Control-Allow-Credentials', 'true'); 
    res.header("X-Powered-By",' 3.2.1');
    res.header("Content-Type", "application/json;charset=utf-8");
    next();
};

app.use( allowCrossDomain );

app.get( '/login', async( req, res ) => {
    // ...
    var cookie_data = { username: username, password: password }; 
    res.cookie( 'userinfo', JSON.stringify( cookie_data ), { domain: 'http://47.52.236.152', httpOnly: false } );
    res.send( ... ); 
} );

,You are the back-end interface (domain name b) requested by the front-end project (domain name a). Set cookies are the response of domain name B. therefore, cookies are set to domain name B, and domain name a cannot be accessed.
In fact, you can not manage the cookies. The cookies will be brought automatically when you request the interface next time. You do not need to manually manage the set cookies in the front-end project,For security reasons, the requested URL is different from the source to set the cookie (different port),Forgot to save qwq after setting the front-end cross domain permissions

3 Answers
Schrodinger's Cat answered 4 months ago

You are the back-end interface (domain name b) requested by the front-end project (domain name a). Set cookies are the response of domain name B. therefore, cookies are set to domain name B, and domain name a cannot be accessed.
In fact, you can not manage the cookies. The cookies will be brought automatically when you request the interface next time. You do not need to manually manage the set cookies in the front-end project

liximomo answered 4 months ago

For security reasons, the requested URL is different from the source to set the cookie (different port)

tata_d2 answered 4 months ago

Forgot to save qwq after setting the front-end cross domain permissions