Clever Geek Handbook

No session cookie set during POST request in Angular2

I have a back-end and front-end application written with Angular 2. When the first request is fired from the UI, the back-end creates a session object and sends a response with a header Set-Cookie:JSESSIONID=29F2635FE558F131DCF937567E4C09C1;path=/;HttpOnly

(or whatever I would have generated). The browser sets the cookie correctly and when I make get requests with a method Http

get()

and use withCredentials: true

on an object options

everything works fine. But when I do the same for a post request with a method post()

, the cookie header is not set for some reason and I cannot get past the authorization filter to the backend.

Has anyone seen this behavior? What could be causing this? The request fails with a options

preflight error . This thing is so strange that I don't even know what additional information might be useful, so if you have any ideas - let me know, I will provide any information you need.

<strong> Examples:

This is how I get information about books (and everything works fine):

this.networker.get(PATHS.base + PATHS.books, {search: this.params, withCredentials: true})
          .map((resp: Response) => {
            return resp.json() as Book[];
          });

This is how I try to add a new author to the directory

public addAuthor(author: Author): Observable<boolean> {
    const headers: Headers = new Headers();
    headers.append('Content-Type', 'application/json');
    const options: RequestOptions = new RequestOptions({withCredentials: true, headers: headers});
    return this.networker.post(PATHS.base + PATHS.authors, JSON.stringify(author), options)
      .map((resp: Response) => {
        return resp.text().localeCompare('true') === 0;
      })
  }

The Networker service is just a wrapper for Angular Http

as I was trying to figure out where the error is happening:

@Injectable()
export class NetworkerService {

  constructor(private http: Http) {
  }

  public get(url: string, options: any): Observable<Response> {
    return this.http.get(url, options);
  }

  public post(url: string, body: any, options: any): Observable<any> {
    return this.http.post(url, body, options);
  }
}

UPD: Right now I have added an end-to-end boolean internal request filter that allows the options

request to pass by without a cookie, and it does work, so the actual request POST

contains a cookie. The problem is the pre-flight request doesn't have the required cookie, how should it be?

+3


source to share


No one has answered this question yet

Check out similar questions:



More articles:


All Articles