在响应的Set-Cookie没有设置Angular2 POST请求 [英] Set-cookie in response not set for Angular2 post request

问题描述

当我做出Angular2 PUT请求，我收到在响应中预期的Set-Cookie。但是我的浏览器（试用过Chrome和Firefox）拒绝设置cookie。

When I make a put request in Angular2, I receive the expected set-cookie in the response. However my browser (tried both Chrome and Firefox) refuses to set the cookie.

相反，当我用一个角1应用使得给呼叫的相同的API端点，饼干是否设置正确。

Instead when I use an Angular 1 app making a call to the same API endpoint, the cookies are set correctly.

响应头是：

Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://example.com
Allow:GET, PUT, HEAD, OPTIONS
Content-Type:application/json
Date:Thu, 28 Jan 2016 14:41:38 GMT
P3P:policyref="http://www.example.com/p3p.xml", CP="NON DSP COR CURa TIA"
Server:WSGIServer/0.1 Python/2.7.6
Set-Cookie:sessionid=994wl49qfsizog5bqmt57sgx9q2toa25; expires=Mon, 28-Mar-2016 14:41:37 GMT; Max-Age=5183999; Path=/
Set-Cookie:csrf=u7UQhpAphTsGYKRU6jFlLFt6NoYAhNMS; Domain=api.example.com; expires=Thu, 26-Jan-2017 14:41:38 GMT; Max-Age=31449600; Path=/
Vary:Accept, Cookie

后端编程在Django 1.8。

The backend is programmed in Django 1.8.

有没有人经历过同样的事情，或者有一个建议如何解决这个问题？

Does anyone experienced the same thing or have a suggestion how to solve this problem?

推荐答案

我似乎是一个CORS相关的问题。也许在执行HTTP请求时，你可以尝试设置 withCredentials 属性。

I seems to be a CORS-related issue. Perhaps you could try to set the withCredentials attribute when executing the HTTP request.

这个回答可以帮助你找出如何做到这一点，尤其是的塞德里克Exbrayat 答案：

This answer could help you to find out how to do that, especially the Cedric Exbrayat's answer:

• angular2 xhrfields withcredentials真正

• angular2 xhrfields withcredentials true

修改

您可以扩展 BrowserXhr ：

@Injectable()
export class CustomBrowserXhr extends BrowserXhr {
  constructor() {}
  build(): any {
    let xhr = super.build();
    xhr.withCredentials = true;
    return <any>(xhr);
  }
}

和覆盖与 BrowserXhr 提供扩展的：

bootstrap(AppComponent, [
  HTTP_PROVIDERS,
  provide(BrowserXhr, { useClass: CustomBrowserXhr })
]);

如果您需要了解更多的CORS提示，你可以看看这个链接：的 http://restlet.com/blog/2015/12/15/understanding-and-using-cors/ 。

If you need more hints about CORS, you could have a look at this link: http://restlet.com/blog/2015/12/15/understanding-and-using-cors/.

希望它可以帮助你，
蒂埃里

Hope it helps you, Thierry

这篇关于在响应的Set-Cookie没有设置Angular2 POST请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！