Ember：从api未设置的会话cookie [英] Ember: session cookie from api not being set

问题描述

我正在尝试从一个特定的ember数据模型（'cart'）的后端API设置一个会话cookie。

I am trying to set a session cookie from my back-end API for a particular ember-data model ('cart').

当createRecord被调用时该模型，我看到XHRPOST请求到我的API。我看到它的API过程和响应，我在回复标头中看到Set-Cookie ...但浏览器中没有cookie

When createRecord is called on the model, I see the XHR "POST" request to my API. I see the API process it and respond, and I see the Set-Cookie in the response headers...but no cookie in the browser!

该ember应用程序和api在同一个域（localhost）上，尽管在不同的端口上。我googled，似乎 Cookie不是端口特定的。所以我看不到有什么阻止。

The ember app and the api are on the same domain (localhost), though on different ports. I googled and it appears that cookies are not port-specific. So I can't see what's preventing it.

我尝试使用Chrome扩展名Postman向API提交相同的POST，它的工作原理很好 - 将cookie设置为浏览器。当请求来自ember应用程序时，它不起作用。虽然我没有看到任何错误。

I tried using the Chrome extension Postman to submit the same POST to the API and it works just fine - sets the cookie in the browser. Just doesn't work when the request comes from the ember app. Though I am not seeing any errors anywhere.

有没有什么东西在垃圾内阻止cookie被设置？我不明白为什么会有这样的情况，我认为浏览器应该是在处理回复标题之前，ember回来玩。

Is there something within ember that's preventing the cookie from being set? I can't see why there would be, I think the browser should be processing the response headers before ember comes back into play.

死亡在这个！任何帮助赞赏。以下是请求/回复。

I'm going down the rabbit hole of death on this! Any help appreciated. Here's the request/response.

< img src =https://i.stack.imgur.com/mOEaY.pngalt =在此输入图像说明>

推荐答案

如果您正在尝试跨域请求，则可能必须在应用程序以及服务器上授予权限。请阅读 CORS ，如果是这样。此外，如果您有 httpOnly Cookie，则必须在您的ajax请求中设置Credientials字段作为：

If you are trying a cross domain request you may have to grant permissions both on the app as well as on the server. Read on CORS if that is the case. Also if you have httpOnly cookie, you will have to set withCredientials field in your ajax request as:

      xhrFields: {
        withCredentials: true
      }

您可以阅读更多关于withCredential here 。这两个是cookie问题的主要因素。

You can read more on withCredential here. These two are the major factors for cookie problems.

这篇关于Ember：从api未设置的会话cookie的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！