Google Chrome does not set the cookie sent from a NodeJS/Express server

use*_*681 2 cookies google-chrome session-cookies node.js google-chrome-devtools

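I am trying to set up authenticated endpoints in my backend (Express/Node/Mongo with express-session), and I can send a cookie to the client (Chrome version 53.0.2785.143) in the response headers, but when I look in the dev console under Application -> Storage -> Cookies -> http://localhost:8100, it does not exist, so nothing is sent back to the server in subsequent request headers. However, when I test the code using Postman, everything seems to work fine, meaning the server sends the cookie on login and the cookie is returned when I GET the authenticated endpoint.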

Response Headers
HTTP/1.1 200 OK
X-Powered-By: Express
Vary: X-HTTP-Method-Override
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: DELETE, PUT, GET
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Type: application/json; charset=utf-8
Content-Length: 1258
ETag: W/"4ea-X9Q0hp8ptccLVapzMZamYA"
set-cookie: connect.sid=s%3AyEaCZPUtH-rA0yQ3Osk-FNBHxQNYbFqp.gvwe%2FO0GSSfaX6i8Y29XD9vEo6ht2M%2FqL00wiFpntnU; Path=/
Date: Tue, 25 Oct 2016 01:28:59 GMT
Connection: keep-alive

Request Headers
POST /login HTTP/1.1
Host: localhost:8000
Connection: keep-alive
Content-Length: 51
Pragma: no-cache
Cache-Control: no-cache
Origin: http://localhost:8100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.143 Safari/537.36
Content-Type: application/json
Accept: */*
Referer: http://localhost:8100/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8

Request Payload
{"email":"test9876@gmail.com","password":"test123"}

Settings object for the session ID cookie:
{ path: '/', _expires: null, originalMaxAge: null, httpOnly: false }

session ID cookie name = 'connect.sid'.

Ionic2 service to login user.
public loginUser(user:Object):Observable<any>{
    let headers = new Headers();
    headers.append('Content-Type', 'application/json');
    return this.http.post('http://localhost:8000/login', JSON.stringify(user), {headers: headers})
            .map(this.extractData)
            .catch(this.handleError)
}

public extractData(res: Response) {
    console.log(res.headers); //cookie does not log here in response
    let body = res.json();
    return body || { };
}

小智 6

Generally, Chrome does not save cookies for localhost. Please disable web security in your Chrome.

How to disable Chrome web security?

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --user-data-dir="C:/Chrome dev session" --args --disable-web-security
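An added example, not part of the original question or answer: a small check that applies the browser's standard CORS credential rules to the login exchange shown in the question (page on http://localhost:8100, API on http://localhost:8000, `Access-Control-Allow-Origin: *`). The function and field names are hypothetical, and the cookie value is a shortened placeholder.

```javascript
// Added example: models the browser's CORS credential rules for an XHR/fetch login call.
// cookieOutcome and its field names are hypothetical; header values mirror the question.
function cookieOutcome({ pageOrigin, requestUrl, withCredentials, responseHeaders }) {
  // Header names are case-insensitive, so normalise them first.
  const h = {};
  for (const [k, v] of Object.entries(responseHeaders)) h[k.toLowerCase()] = v;
  if (!('set-cookie' in h)) return 'no-cookie: response has no Set-Cookie header';

  // An origin is scheme + host + port, so localhost:8100 -> localhost:8000 is cross-origin.
  const origin = new URL(pageOrigin).origin;
  if (new URL(requestUrl).origin === origin) return 'same-origin: cookie stored';

  // Without credentials mode the browser drops Set-Cookie from a cross-origin response.
  if (!withCredentials) return 'ignored: cross-origin request without withCredentials';

  // With credentials, the wildcard is refused: the exact origin must be echoed back.
  if (h['access-control-allow-origin'] !== origin) {
    return 'cors-error: Access-Control-Allow-Origin must echo the page origin, not "*"';
  }
  if (h['access-control-allow-credentials'] !== 'true') {
    return 'cors-error: Access-Control-Allow-Credentials: true is missing';
  }
  return 'ok: response accepted, cookie stored';
}

// Headers from the question's login response (cookie value is a constructed placeholder).
const questionHeaders = {
  'Access-Control-Allow-Origin': '*',
  'set-cookie': 'connect.sid=s%3Aexample; Path=/',
};
const base = { pageOrigin: 'http://localhost:8100', requestUrl: 'http://localhost:8000/login' };

function runCases() {
  return [
    // 1. The request as sent in the question: no withCredentials flag.
    cookieOutcome({ ...base, withCredentials: false, responseHeaders: questionHeaders }),
    // 2. Client sets withCredentials, server still answers with the wildcard.
    cookieOutcome({ ...base, withCredentials: true, responseHeaders: questionHeaders }),
    // 3. Client sets withCredentials and the server echoes the origin and allows credentials.
    cookieOutcome({ ...base, withCredentials: true, responseHeaders: {
      ...questionHeaders,
      'Access-Control-Allow-Origin': 'http://localhost:8100',
      'Access-Control-Allow-Credentials': 'true',
    } }),
  ];
}
console.log(runCases().join('\n'));
```

Postman is not a browser and applies none of these rules, which is consistent with the same login working there.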