2

I'm new to Node js; I'm tring to understand how to get and set cookie with Node. I'm using Visual Studio, and I'm using the embedded IIS Express that is create automatically. There is the server code on my server.js:

var express = require('express');
var cookieParser = require('cookie-parser')

var app = express();
app.use(cookieParser())

app.use(function (req, res, next) {
    res.setHeader('Access-Control-Allow-Origin', 'http://localhost:61342');
    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
    res.setHeader('Access-Control-Allow-Credentials', true);
    next();
});

app.get('/setCookie/:param', function (req, res) {
    res.cookie('testCookie', req.params.param);
    console.log('cookie created!');
    res.send();
});

var server = app.listen(8001, 'localhost', function () {
    var host = server.address().address
    var port = server.address().port
    console.log("Server listening at http://%s:%s", host, port)
});

And this is the client code:

function server() { 
        xmlhttp = new XMLHttpRequest();
        xmlhttp.open("GET", "http://localhost:8001/setCookie/cookie1", true);
        xmlhttp.onreadystatechange = function () {
            if (xmlhttp.readyState == 4 && xmlhttp.status == 200) {
                alert("ok");
            }
        }
        xmlhttp.send();
 }

I call this funcion when I click on a button (just for testing). I notice that if I type localhost:8001/getCookie/cookie1 it set correctly the cookie (I can see it on the browser console, typing document.cookie), but if I run my project on localhost:61342/ and I click the button that call the function server(), I get this response :

Request URL:http://localhost:8001/setCookie/cookie1
Request Method:GET
Status Code:200 OK
Remote Address:127.0.0.1:8001

Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:X-Requested-With,content-type
Access-Control-Allow-Methods:GET, POST, OPTIONS, PUT, PATCH, DELETE
Access-Control-Allow-Origin:http://localhost:61342
Connection:keep-alive
Set-Cookie:testCookie=cookie1; Path=/

but when I type on browser console document.cookie I don't see anything. Any idea on how can I solve this? Thank you for the patience

Improve this question

1 Answer 1

Reset to default
1

There are two separate issues here.

First:

document.cookie will show the cookies belonging to the origin of the document. Cross-origin Ajax requests will send and store cookies for the origin they are making the request to. Since that is a different origin, they won't show up in document.cookie. To inspect them you would need to make a request to the origin to which they belong and inspect it in the Network tab.

Second:

Cross-origin requests don't support cookies by default. You have to set withCredentials to true first.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.