I am storing cookies for my web app using the 'Set-Cookie' header response from my Python backend.

Here is my ajax call on the client-end to the function:

In developer tools in Chrome and Safari, when I look for the cookies, the cookies don't show up.

On Chrome, the Set-Cookie doesn't even show up in the response header to the network call. In Safari, the Set-Cookie response header shows up and shows under request/response cookies, but when I check cookies for the application, nothing shows up.

Furthermore, the cookie data shown in Safari is incorrect: it shows an incorrect expiration date and httpOnly/secure which should both be true.

The cookies seem to not exist, but when I log the server, I see clearly that the cookies exist and they appear (also Safari shows them going back and forth in the request/response headers), which means that the cookies are being properly stored and sent back to the server after every call in the header. I tried earlier to set httpOnly to false and secure to false, but even then the cookies exhibited the same behavior.

These cookies are still under the radar of both developer tools. How can I see the cookies on the browser in developer tools correctly? And what could this problem be?

asked Nov 27, 2018 at 8:08 by Jonathan Wong; edited Nov 27, 2018 at 20:30
  • I see this in Safari right now. The cookie is definitely set (because the server sees it), and it survives restarting Safari. But I can't see it in the console... this is a problem, because I want to delete it! – Doctor Eval Commented Apr 2, 2020 at 10:09
  • See this answer: stackoverflow.com/a/55414345/1558222. You should enable them – endamaco Commented Jul 2, 2020 at 12:54

2 Answers

Have you tried opening a tab to the server https://*.amazonaws.com and checking there instead?

The cookie will be set on the server's domain, but you won't see it in your local server's cookie storage. The reason is that all web storages are bound by the same-origin policy: your document can only access storages from its own domain, and the server can only set cookies for its domain.

The rationale here is that if I sent you a link to a rogue document, it can't exfiltrate your SO cookies even if they were accessible from JS, nor can sending a request to a rogue server overwrite cookies on SO.

Try to disable chrome://flags/#network-service and it should work properly.
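The scoping rule the first answer describes, as an added example (not code from the question or the answers): a simplified model of RFC 6265 storage that reports which host a `Set-Cookie` is filed under and whether that host is the page's own. The function names and the hostnames `localhost:3000` and `api.backend.example` are constructed for illustration; public-suffix and third-party-cookie policies are left out.

```javascript
// Parse "name=value; Attr; Attr=val" into a name plus a lowercase attribute map.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const cookie = { name: pair.slice(0, eq), value: pair.slice(eq + 1), attrs: {} };
  for (const a of attrs) {
    if (!a) continue;
    const i = a.indexOf("=");
    const key = (i === -1 ? a : a.slice(0, i)).trim().toLowerCase();
    cookie.attrs[key] = i === -1 ? true : a.slice(i + 1).trim();
  }
  return cookie;
}

// RFC 6265 domain-match: identical hosts, or host ends with "." + domain.
function domainMatches(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

// Decide which host the cookie is stored under, and whether that scope
// covers the host of the page that issued the request.
function cookieScope(pageUrl, responseUrl, setCookieHeader) {
  const pageHost = new URL(pageUrl).hostname;
  const respHost = new URL(responseUrl).hostname;
  const c = parseSetCookie(setCookieHeader);
  let domain = respHost; // no Domain attribute: host-only cookie
  let hostOnly = true;
  if (typeof c.attrs.domain === "string" && c.attrs.domain !== "") {
    domain = c.attrs.domain.replace(/^\./, "").toLowerCase();
    hostOnly = false;
    // A server may only set cookies for its own host or a parent of it.
    if (!domainMatches(respHost, domain)) return { stored: false };
  }
  return {
    stored: true,
    storedUnder: domain,
    hostOnly,
    httpOnly: c.attrs.httponly === true,
    secure: c.attrs.secure === true,
    matchesPageHost: hostOnly ? pageHost === domain : domainMatches(pageHost, domain),
  };
}

// Constructed sample: page served locally, API on another host.
console.log(cookieScope("http://localhost:3000/", "https://api.backend.example/login",
  "sid=abc123; HttpOnly; Secure; Path=/"));
```

With `matchesPageHost` false, the cookie lives in the API host's jar, which is why opening a tab on that host, as the answer suggests, is where to look for it.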
