Skip to content

Jsessionid cookie won't retain in browser #993

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
adi518 opened this issue Apr 21, 2016 · 3 comments
Closed

Jsessionid cookie won't retain in browser #993

adi518 opened this issue Apr 21, 2016 · 3 comments

Comments

@adi518
Copy link

adi518 commented Apr 21, 2016
edited
Loading

Hi,

I have the following setup:

Localhost Express (LAN machine #1) -> Localhost Proxy (LAN machine #1) -> Servlet (LAN machine #2).

Servlet is including a Jsessionid cookie in it's response header, which I'm able to modify and receive on the response header of Localhost Express, but for some reason won't store under browser resources. Any ideas?

Thanks.
@adi518 adi518 closed this as completed Apr 25, 2016
@robtayl0r
Copy link

robtayl0r commented May 11, 2016
edited
Loading

I'm having trouble with the same issue, did you find a work around? The set-cookie header comes back with the JSESSIONID, but the browser doesnt retain it.

@adi518

@adi518
Copy link
Author

adi518 commented May 11, 2016
edited
Loading

Yes, the solution was just under my nose. It had nothing to do with inner-workings of node-http-proxy. In my case I was making a request from a localized domain (as depicted in OP) to another localized domain (but a different port of course, because by default Node server listens to all domains assigned to loop-back in your hosts file), which was the proxy server. The mistake was not making the request from the same localized domain (that of Express). So what happened is, the proxy returned the cookie and the browser retained under the proxy domain.

To visualize the issue:
I had an Ajax call going from site.com:80 -> proxy.com:81. The Jsessionid cookie was then retained under the wrong domain, namely proxy.com. As soon as I made my call from site.com:80 -> site.com:81 the cookie was retained correctly. I use Chrome, so checking where the cookie ended up was done by simply browsing to: chrome://settings/cookies. If you already turn to a proxy under the same domain and the cookie still doesn't retain, you probably omitted XHR option withCredentials to your Ajax/XHR call, which in this case the response isn't granting the browser permission to retain the cookie, part of how CORS works (see: http://api.jquery.com/jquery.ajax/, https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials).

@robtayl0r
Copy link

Thanks!

For anyone else who stumbles across this issue, I didn't have the same setup,

-> http://localhost -> proxy -> https://realserver.com,

In my case the cookie had the Secure flag, so although JSESSIONID was stored @localhost, it was not being sent in subsequent requests because I didnt use the https:// by setting the https property on the webpack-dev-server config.

@adi518 adi518 changed the title jsessionid won't store in browser Jsessionid cookie won't retain in browser Jul 22, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@robtayl0r @adi518