设置withcredential = true后未在请求标头中设置Cookie [英] Cookie not set in request header after set withcredential = true
问题描述
我在登录后调用api,并在登录响应标头中设置了set-cookie,并在浏览器中设置了cookie。但是当我尝试发出其他请求时,请求标头中没有cookie传递。我已经尝试添加withcredential = true,并且还允许带有所有必需标头的CORS。在浏览器中在登录响应中设置的
cookie
.AspNetCore.Identity.Application
将于2018-07-过期27T14:26:34.000Z
仅Http真
路径/
安全真正
值CfDJ8IpQ2KMnnJJCu-Bxqp-xHNOQGuT6Ig74z_z6fhAba0WGCMyq7er9Zo87dX36mvr3vHm827XQFM_8cNQiv811mitpYZ4rRVRp4iV3RfpDkqGL-4UizEGUkJfSxxkFzIbVEEJNwIJXf5iFFlbC7Fw8zKDn7DYJN70iniH4HE-bzqJ4KXSsKnCyqePsYyi6iJ0_Rkk_TiE-TXggnFqrU_8n5XPcYaRVeinAeHRZ2xmJbcVrOwFAV1-D8zwgpnJxs2WaLsM9h5IoqdV1wOwyT-Awoy0QqAtTiUPs5h5Gh52HubsBcWLPKE_FbzfmK_1HsDGH1e1PIHYJaIgLx-q0trTSGK-22wvOnqMipax94zoO6mfF2Pbrz7NM-eJBBCTkSoNYXVIj8EpRPJXhk8uLKC9rqon2hA4qHpnrUWWdz1LT7FYzHjnhAx3hctXr2laQgc3ipT410zI15tl5XIIjEbqr9D5E6o -4MkcSCLsHCLkaurSmoQWF2VRQ8OuVHFz6Z7XTu7myAsCFWf3INcV-WBtJY6l9Luk2D7uenofPGFZ8D4fDL0oaPqvAKve6N8r2Q_eDXEVf-
$$$$$$ $$$$ pre> 来自浏览器控制台的请求标头
接受application / json,text / plain,* / *
Accept-Encoding gzip,deflate,br
接受语言en-US,en; q = 0.5
访问控制权限凭据true
连接保持活动
内容长度27
内容类型application / x -www-form-urlencoded
主机localhost:44354
来源http:// localhost:4200
推荐人http:// localhost:4200 / changepassword
User-Agent Mozilla / 5.0 (Windows NT 10.0; …)Gecko / 20100101 Firefox / 61.0
withCredentials true
我的代码:-
changePassword(changePasswordModel:ChangePassword):可观察< ApiResponse> {
const body = JSON.stringify(changePasswordModel)
let enco:any = new HttpHeaders()
.set('Content-Type','application / x-www -form-urlencoded')
.set('withCredentials','true')
.set('Access-Control-Allow-Credentials','true');
返回this._httpClient.post(this.identityAPIEndPoint +'Account / ChangePassword',body,{headers:enco,withCredentials:true})。pipe(
map((response:Response )=>< ApiResponse> response.json()));
}
我将Angular 5与HttpClient用于发布请求。
是我的使命吗?
请给我提示。
谢谢
我认为您的问题出在Cookie的作用域
上。有关更多信息,请参见 cookie范围
部分此处。
因此,您应该为所有页面设置相同的路径
因此该cookie在所有页面上都可用。例如,您可以将路径
设置为 /
或应用程序的基本路径。
Access-Control-Allow-Credentials
是响应标头,因此应在响应中提供,而不是在请求中提供:请参见< a href = https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials rel = nofollow noreferrer>此处。
withCredentials
选项根本不是HTTP标头,而是一个选项,应在<$ c $中传递c>选项对象:请参见此链接。
I am call api after login and in login response header set-cookie is pass and cookie set in browser. but when i am try to make other request there is no cookie pass in request header. i have try to add withcredential = true and also allow CORS with all required headers. cookie set in browser in login response
.AspNetCore.Identity.Application
expires 2018-07-27T14:26:34.000Z
httpOnly true
path /
secure true
value CfDJ8IpQ2KMnnJJCu-Bxqp-xHNOQGuT6Ig74z_z6fhAba0WGCMyq7er9Zo87dX36mvr3vHm827XQFM_8cNQiv811mitpYZ4rRVRp4iV3RfpDkqGL-4UizEGUkJfSxxkFzIbVEEJNwIJXf5iFFlbC7Fw8zKDn7DYJN70iniH4HE-bzqJ4KXSsKnCyqePsYyi6iJ0_Rkk_TiE-TXggnFqrU_8n5XPcYaRVeinAeHRZ2xmJbcVrOwFAV1-D8zwgpnJxs2WaLsM9h5IoqdV1wOwyT-Awoy0QqAtTiUPs5h5Gh52HubsBcWLPKE_FbzfmK_1HsDGH1e1PIHYJaIgLx-q0trTSGK-22wvOnqMipax94zoO6mfF2Pbrz7NM-eJBBCTkSoNYXVIj8EpRPJXhk8uLKC9rqon2hA4qHpnrUWWdz1LT7FYzHjnhAx3hctXr2laQgc3ipT410zI15tl5XIIjEbqr9D5E6o-4MkcSCLsHCLkaurSmoQWF2VRQ8OuVHFz6Z7XTu7myAsCFWf3INcV-WBtJY6l9Luk2D7uenofPGFZ8D4fDL0oaPqvAKve6N8r2Q_eDXEVf-
see my code
Request header from browser console
Accept application/json, text/plain, */*
Accept-Encoding gzip, deflate, br
Accept-Language en-US,en;q=0.5
Access-Control-Allow-Credentials true
Connection keep-alive
Content-Length 27
Content-Type application/x-www-form-urlencoded
Host localhost:44354
Origin http://localhost:4200
Referer http://localhost:4200/changepassword
User-Agent Mozilla/5.0 (Windows NT 10.0; …) Gecko/20100101 Firefox/61.0
withCredentials true
my code:-
changePassword(changePasswordModel: ChangePassword): Observable<ApiResponse> {
const body = JSON.stringify(changePasswordModel)
let enco : any = new HttpHeaders()
.set('Content-Type', 'application/x-www-form-urlencoded')
.set('withCredentials', 'true')
.set('Access-Control-Allow-Credentials', 'true');
return this._httpClient.post(this.identityAPIEndPoint + 'Account/ChangePassword', body, { headers: enco, withCredentials: true}).pipe(
map((response: Response) => <ApiResponse>response.json()));
}
i am using angular 5 with HttpClient For Post Request. Is i am mission something. Please give me hint.
Thank you,
I think that your problem here is the scope
of your cookie. For more see the Scope of cookies
section here.
So you should set the same path
for all your pages so the cookie will be available from all pages. For example, you can set the path
to be /
or the base path of your application.
Access-Control-Allow-Credentials
is a response header so it should be provided in the response and not in the request: see here.
And the withCredentials
option isn't an HTTP header at all it's an option which should be passed in the options
object: see this link.
Also, read this article for more about CORS.
这篇关于设置withcredential = true后未在请求标头中设置Cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!