1,207 questions
7
votes
2
answers
12k
views
Response header Set-Cookie doesn't store cookies in browser
I'm setting 2 cookies in response from backend to the browser.
One that is secure HTTPOnly (it's refreshToken) and the other one without those parameters so it's accessible to JavaScript (carrying ...
- 673
0
votes
1
answer
213
views
Is it impossible to set a domain of localhost cookie remotely from a backend?
I've already checked out these two SO questions:
Can I use localhost as the domain when setting an HTTP cookie?
Setting a cookie from a remote domain for local development
But I don't want to edit my ...
- 1,109
1
vote
0
answers
179
views
Cloud front signed cookie - resource path
I am using below method to generate signed cookie. HLS files which I am trying to serve via CloudFront are stored in S3 bucket after many levels.
/vod/folder1/folder2/folder3/streams/master.m3u8
I ...
- 188
-1
votes
1
answer
2k
views
You don't have permission to access ... on this server: API call issue
I am trying to call this endpoint using a get request.
https://disneyland.disney.go.com/availability-calendar/api/calendar?segment=ticket&startDate=2022-09-01&endDate=2022-09-30
When using ...
0
votes
0
answers
66
views
Cookie in the contact form only?
I found lots of complex replies for complex situations. Mine is simple. I just need a cookie for the page where is located the contact form: set an expiration time (one hour is more than enough). ...
- 81
1
vote
2
answers
3k
views
Set-Cookie present in the header but not being set in the browser
We are currently up against an error with our client/api cookie generation. We are using Angular 12 and NGINX for a frontend server running with SSL on a subdomain of cms.domain.co.uk; the backend is ...
- 11
1
vote
6
answers
2k
views
Can't delete WordPress cookies
I am working on WordPress multisite, and I have changed the login functionality. However, it needs the users to delete old cookies before using this functionality I have created. So I am trying to ...
1
vote
0
answers
731
views
How to use Set-Cookie header attribute
I have a client-server application, and I'm trying to set the access and refresh tokens as cookies in the browser. I set the response headers on the server side and the response looks like this:
The ...
- 384
3
votes
0
answers
659
views
Rails + Devise returning duplicate set-cookie response headers
I'm using Devise + Devise JWT with on API-only instance of Rails (7.0.2). We are using secure-cookies to pass our auth token to the frontend and noticed that the response we get after signing in has ...
- 2,424
8
votes
3
answers
40k
views
Set-Cookie not working properly in axios call
Explanation
here, I sent one get req to ABC.com/Users/Login using Axios after this I sent a post request to ABC.com/Users/Login with form data and Cookie.
but it does not work properly. It works ...
2
votes
1
answer
4k
views
Correct way to handle JWT tokens in cookies for authentication on the client-side
I have a backend that responds with a JWT token upon successful authentication. However, for security purposes, the cookie can not be visible from the client-side. Now in the frontend I use react. I ...
- 127
0
votes
1
answer
113
views
PHP Cookies in live server do not work but work in Local Host
I have a remember me signed in button where I check if it it set I set the cookies for email and password to put them in their fields later on if the user tried to log on and destroy them if the ...
0
votes
1
answer
783
views
Browser not saving response cookies
Frond-end: React (react-admin) with Webpack
Back-end: NestJS / Express
I developed 3 routes (login, check and logout) that are beautifully working with Swagger UI, but when I try to use the 'login' ...
0
votes
1
answer
192
views
Unable to set cookie in WKWebView using "Set-Cookie in BlackBerry Dynamics app
After upgrading to BlackBerry Dynamics for iOS (v10.1.0.36) cookies that previously were being set via the "Set-Cookie" header in the responses are no longer being set.
On performing some ...
- 119
1
vote
0
answers
2k
views
SvelteKit not setting cookie on page refresh
Every request to my API has a retry in case it fails with 401. In that case, it generates a new JWT and returns it from the endpoint.json to the handle function by setting the "event.locals.user&...
- 155
0
votes
2
answers
2k
views
Problem in Accessing third-party cookies from browser when the laravel project is uploaded on a shared hosting
I created a two simple website in a shared hosting where one can create cookies and another one where it can supposedly get that created cookie, although the first one is creating the cookie the ...
0
votes
0
answers
1k
views
Is Allow third party cookies setting need to be enabled to be able to read 3rd party cookies?
I am trying to read a 3rd party domain generated by the 3rd party (i.e. another host which is different from the UI) on the client-side.
So, this cookie has the Domain set explicitly to myuihost and ...
- 51.1k
0
votes
1
answer
255
views
How to identify cross-site requests?
I am having issues in reading cookies sent/set by the server in the response headers (Set-Cookie)
I wanted to understand if the below 2 scenarios constitute a cross-site
UI is running on http://...
- 51.1k
2
votes
1
answer
4k
views
Cypress blocks cookies sent from third party response when the same site attribute is not set. How to store such blocked cookie values and use them
We are trying to test a third party sign in (Single Sign On) flow using Cypress.
Cypress blocks cookies sent in third party response when the SameSite attribute is not set when tested with Electron V-...
2
votes
1
answer
9k
views
setcookie(): Passing null to parameter #7 ($httponly) of type bool is deprecated [duplicate]
public function csrf_set_cookie()
{
$expire = time() + $this->_csrf_expire;
$secure_cookie = (bool) config_item('cookie_secure');
if ($secure_cookie && ! is_https())
{
...
1
vote
0
answers
193
views
PHP Puppeteer setCookies()
I'm using method setCookie to set login session on a website with Captcha, but method $page->cookies($url) doesn't return added cookie. How should cookies be set in PHP Puppeteer?
$page = $browser-&...
- 13
1
vote
1
answer
1k
views
SameSite=Strict has no effect at all
I would like to use a SameSite=Strict cookie to mitigate CSRF for GET-requests.
The cookie consists of a randomly generated string, and is set the following way:
"Set-Cookie: CSRF_TOKEN=...
- 11
0
votes
2
answers
3k
views
Named cookie not present
I am building a website that will rely on cookies for various things.
Then I decided to have a function that sets a cookie then read the same cookie in order to see if the browser allows cookies.
But ...
- 1,407
2
votes
1
answer
741
views
PHP setcookie function including samesite parameter does not work
I have a fully working setcookie() php function running using these params...
<?php
setcookie(
'_siteauth',
Crypt::encrypt(site()->password),
time() + 86400,
'/',
);
?>
The code ...
- 5,206
1
vote
1
answer
993
views
Cookie Consent Logic Following GDPR guidelines [closed]
I haven't deployed a website since GDPR became a thing and sort of confused with some logic I need to do server and client-side to comply with GDPR. Sorry for the multiple questions here.
Currently, ...
- 1,505