Javascript 无法在服务器端(Jersey)创建的服务器端获取cookie
我有一个cookie是在服务器端创建的(Rest服务)。 下面是创建cookie的rest服务:Javascript 无法在服务器端(Jersey)创建的服务器端获取cookie,javascript,angularjs,cookies,jersey,jax-rs,Javascript,Angularjs,Cookies,Jersey,Jax Rs,我有一个cookie是在服务器端创建的(Rest服务)。 下面是创建cookie的rest服务: @Path("token") public class AuthService { @POST @Produces(MediaType.APPLICATION_JSON) public Response generateToken(@Context HttpServletRequest httpServletReque
@Path("token")
public class AuthService {
@POST
@Produces(MediaType.APPLICATION_JSON)
public Response generateToken(@Context HttpServletRequest httpServletRequest) {
//some code to get serializedJwt and xsrftoken. path is "/" and domain is "http://localhost"
Cookie jwtCookie = new Cookie("jwt", serializedJwt, path, domain);
Cookie xsrfCookie = new Cookie("X-XSRF-TOKEN", xsrfToken, path, domain);
NewCookie newJwtCookie = new NewCookie(jwtCookie, null, maxAge, false);
NewCookie newXsrfCookie = new NewCookie(xsrfCookie, null, maxAge, false);
return Response.status(SUCCESSFUL_REQUEST)
.header(ERROR_HEADER_NAME, SUCCESS)
.header("SET-COOKIE", newJwtCookie.toString()+" ; HttpOnly")
.header("SET-COOKIE", newXsrfCookie.toString())
.entity(MAPPER.writeValueAsString(responseBody)).build();
}
}
httpOnly对于X-XSRF-TOKEN为false。问题在我删除域后得到解决=
您可以发布浏览器收到的http响应头吗?
console.log($cookies.get("X-XSRF-TOKEN")); //prints undefined
$cookies.put('abc',"kishore"); //just for testing purpose
console.log($cookies.get("abc")); //this prints kishore
console.log(document.cookie); //this prints "abc=kishore"
Point from Stack overflow which helped:
• By design domain names must have at least two dots otherwise browser will say they are invalid.
• Explicit setting domain cookie on localhost doesn't work for chrome.
• You can only set domain cookies for registry controlled domains, i.e. something ending in .com or so, but not IPs or intranet hostnames like localhost