i'm making a web app in a restful way. For my client side i'm using angularJs, the same is hosted at - lets say - https://domain.com
My backend is built on spring boot and i call all the resources from a subdomain - lets say - https://xyz.domain.com
Now when a user logs in , the backend sends an http only cookie to the client. I can see the cookie in response header but its not being set in the browsers cookie.
After a bit of research, i have tried sending cookie with domain = .domain.com but that didnt work either.
Is there a way i can set cookie coming from xyz.domain.com for my client side at domain.com
(Note - i'm not using www.domain.com )
Any help or clue would be great.
Thank you for going through my question.
The problem you're describing is related to cross domain cookie policies. I don't know your exact use-case, but looking at CORS and P3P headers should give you a good start. As an option, you can try setting your cookie manually via Javascript.
Making CORS working isn't enough, you also need to enable withCredentials in angular.
https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials
Example:
angular.module('example', []).config(function ($httpProvider) {
$httpProvider.defaults.withCredentials = true;
});
来源:https://stackoverflow.com/questions/32524305/setting-cookies-for-subdomain