4

I inspected the request and can see that:

Set-Cookie:.AspNet.Cookies=AQAAANCMnd8BFdERjHoAwE_Cl-sBAAAAFyzOzXtC90-nkj7osKIxHgAAAAACAAAAAAAQZgAAAAEAACAAAAB68msx5mvbIc_UOFEpHKgyKg8z4X75MKKk5Notp79FeAAAAAAOgAAAAAIAACAAAAD8G4ZvSLWFoqp7TVme89yuoX0Kd7V6uYe-WEeeSoYClvAAAAB1vGrXcVvzq7uUYiruKLJiGBpZJBDcOL3PBMRYnHv3VT202hC-4J-U-GGoJlWQz3MrEoq_vmEoE3tbsn09AAX06HZrhBl5ZvyLiTkCcJaAT_xeX-6Uv6fDWMHpezJ_xrhE8nVjOj8oBI2HhIjymzD1CaWCriFqPOQKSoC6OLOHurRUcZ6J8LHeKcsWsc4hm6z6VD-GgzHyHAzZ7OgHX6NMsBpkQ_6VX7e-lo-fUx4RG6sJRIKPHbbFGm8hpfNzFCffbS8nuGC7SMu9zoQLGdDcZx0ulxlQcSxpcfbaaPbb3l1FsM9YZOipQNyLRDQtN-5AAAAA2D6u3avm-yI1tnz-xqBLBus26s2IRF2vuBzDEFkTbG5PPYHY2ijq5-xMzkNlVNsgloQ-XjKhmy9JiX4YLkMSjQ%3D%3D; path=/; expires=Mon, 30-Sep-2013 21:49:58 GMT; HttpOnly

but when i look at the browsers cookies, this is not set.

$.ajax({
            url: this.path + id,
            beforeSend: (xhr) => this.setAuth(xhr),
            type: 'GET'
        })....

Relevant info might be that its a cross origin call. http://localhost:36859/ to http://127.255.0.1:8061/ .

Do i need to do anything else to set the cookie?

Improve this question
3
  • of course you cant set a cookie for a different domain/origin check this en.wikipedia.org/wiki/HTTP_cookie#Domain_and_Path Commented Sep 16, 2013 at 21:12
  • So its not possible when i have my WebAPI hosted at xxx.local and the client at yyy.local, the client ask the server to xxx.local/authenticate and the server sets a cookie containing the userinfo. Commented Sep 16, 2013 at 21:21
  • yes its possible, but you have to make sure that xxx.local/authenticate sets the cookie with .local as the cookie domain. Commented Sep 17, 2013 at 5:56

1 Answer 1

Reset to default
3 
    return $.ajax({
        url: this.path + id,
        beforeSend: (xhr) => this.setAuth(xhr),
        type: 'GET',
        crossDomain: true,
        xhrFields: {
            withCredentials: true
        }
    }).fail((xhr, status, error) => {  
        console.log(arguments);           
        notification.showErrorMessage("Error Loading", notification.getErrorDetail(xhr));
    });

The xhrFields did the trick. authentication cookie is send along the webapi call.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.