Spring @RestController没有设置响应的cookie [英] Spring @RestController not setting cookies with response
问题描述
我有以下剩余终结点,我想与我的 ResponseEntity 一起发送cookie。但是,成功发送响应之后,就找不到Cookie了。
I have the following rest endpoint that I would like to send a cookie along with my ResponseEntity. However after succesfully sending the response, the cookie is nowhere to be found.
@RequestMapping(value = "myPath", method = RequestMethod.POST)
public ResponseEntity<?> createToken(HttpServletResponse response)
final String token = "a1b2c3d4e";
Cookie cookie = new Cookie("token", token);
response.addCookie(cookie);
// Return the token
return ResponseEntity.ok(new MyCustomResponse(token));
}
MyCustomResponse
MyCustomResponse
class MyCustomResponse {
private final String token;
public MyCustomResponse(String token) {
this.token = token;
}
}
我也尝试过创建 Set-Cookie 标题设置cookie,但同样,没有cookie。
I have also tried creating the ResponseEntity manually and setting the cookie in the headers with the "Set-Cookie" header but same thing, no cookie.
编辑:我已经确认 Set-Cookie 标头实际上存在在响应中,但是实际上并没有将其存储在浏览器中。我正在使用在WebStorm中运行的静态Web应用程序来访问在其他端口上运行的其余端点。此网络应用仅使用JQuery的 $ ajax 方法来调用REST端点,没有什么花哨的地方。当我在WebStorm中运行Web应用程序时,可以在浏览器中看到它创建的cookie,从而确认我的浏览器允许cookie存储。
edit: I have confirmed that the Set-Cookie header is in fact present in the response, however it is not actually being stored in the browser. I am using a static web-app running in WebStorm to access my rest endpoint running on a different port. This web app is just using JQuery's $ajax method to call the REST endpoint, nothing fancy. When I run the web app in WebStorm I am able to see the cookie it creates in my browser, so that confirms my browser is allowing cookie storage.
推荐答案
我知道了。我用来访问我的Rest API的Web应用程序与我的Rest API在不同的本地端口上运行。这会导致AJAX请求无法满足CORS要求,因此实际上并没有设置cookie。
I figured it out. My web application I am using to access my rest api is running on a different local port than my rest api. This causes the AJAX request to fail CORS requirements, thus the cookie doesnt actually get set.
我在这里找到了解决方法什么原因会导致未在客户端上设置cookie?
I found the solution here What can cause a cookie not to be set on the client?
编辑:我应该补充一点,它是将 xhrFields 片段添加到JQuery的 $ ajax 方法为我修复了该问题,不需要其他部分。
edit: I should add that it was adding the xhrFields snippet to JQuery's $ajax method that fixed it for me, the other parts weren't necessary.
(在如果它被删除了)
我想我找到了解决方案。由于在开发过程中,我的服务器位于 localhost:30002,而我的Web应用程序位于 localhost:8003,因此它们被视为关于CORS的不同主机。因此,我对服务器的所有请求都被CORS安全规则所涵盖,尤其是带有凭据的请求。 凭据包含该链接上指出的cookie,因此返回的cookie不被接受,因为我没有通过
I think I found the solution. Since during development, my server is at "localhost:30002" and my web app at "localhost:8003", they are considered different hosts regarding CORS. Therefore, all my requests to the server are covered by CORS security rules, especially Requests with credentials. "Credentials" include cookies as noted on that link, so the returned cookie was not accepted because I did not pass
xhrFields: {
withCredentials: true
}
对jQuery的 $ .ajax 函数。为了发送Cookie,我还必须将该选项传递给后续的CORS请求。
to jQuery's $.ajax function. I also have to pass that option to subsequent CORS requests in order to send the cookie.
我添加了标头 Access-Control-Allow-Credentials :true 在服务器端,并将 Access-Control-Allow-Origin 标头从通配符更改为 http:// localhost:8003 (端口号很重要!)。该解决方案现在对我有效,并且cookie被存储。
I added the header Access-Control-Allow-Credentials: true on the server side and changed the Access-Control-Allow-Origin header from wildcard to http://localhost:8003 (port number is significant!). That solution now works for me and the cookie gets stored.
这篇关于Spring @RestController没有设置响应的cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
