问题
Here is my api call, I am trying to read Set-Cookie from response header
return $http(config).then(function (response) {
console.log(response.headers('Set-Cookie')); // undefined
console.log($cookies.ovrcMfa); // undefined
return response.data;
});
and response header is:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Authorization, Set-Cookie, X-Requested-With, X-Session-Id, X-App-version, X-Target-Client, X-Origin-Domain, X-Dev-Mode
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Set-Cookie
Set-Cookie : ovrc-mfa=IHfpt06ogxzLQFpwySE7vaJYg7whQ0sF; Max-Age=31536000; Path=/; Expires=Thu, 16 Jan 2020 09:30:47 GMT
Here I want to read Set-Cookie value ie ovrc-mfa
回答1:
Set-Cookie is a forbidden response header name. You cannot read it using browser-side JavaScript.
If you need to pass that information to your JavaScript, then you need to have the server use some other mechanism (such as a different header or part of the response body).
来源:https://stackoverflow.com/questions/54214657/not-able-to-read-set-cookie-response-header