Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

withCredentials in cross domain request dosn't work

See original GitHub issue

Context

axios version: v0.18.0, v.0.17.0
Environment: e.g.: Firefox 52.9.0 Linux, Chrome 67.0.3396.99 Linux

Problem

It looks, that Axios is unable to send cookie in request to another domain. I’ve two app:

frontend on local computer, port 8080
backend on local computer, port 9000

In frontend I’ve defined backend as: http://127.0.0.1:9000.

In my JavaScript code I have service:

import axios from 'axios';
axios.defaults.withCredentials = true;
axios.get('127.0.0.1:9000/api/v1/inventory/system', {withCredentials: true});

When I open my frontend as: http://127.0.0.1:8080 (frontend and backend are in the same domain 127.0.0.1, only port is different), everything is ok, cookie is present in request headers.

But when I open my frontend as http://localhost:8080 cookie is missing in request headers. It’s GET request, and there no preflight request, so I would expect, that cookie will be added to request.

I’ve attached screenshoots

Correct request with cookie (the same domain):

correct

Incorrect request without cookie (cross domain):

incorrect

Issue Analytics

State:
Created 5 years ago
Reactions:4
Comments:35

Top GitHub Comments

59reactions

nevermo2013commented, Oct 17, 2018

我遇到了同样的问题,跨域请求无论怎么设置axios.defaults.withCredentials = true 都无法发送cookie

24reactions

liyun-licommented, Nov 14, 2018

Little late to the party but I’ve been bashing my head against the wall on this.

I think the issue is not caused by axios but by your browser(s). By default, your browser refuses to send cookies to a “remote” location.

I resolved my issue by using 127.0.0.1 as my host instead of localhost. For anyone who’s experiencing this problem during local development, I recommend assuring that your domain name isn’t localhost but 127.0.0.1.

Hope this helps.

Top Results From Across the Web

How to make XMLHttpRequest cross-domain withCredentials ...

I have requests working without authentication, but once I set withCredentials to true I am no longer able to read the response from...

XMLHttpRequest.withCredentials - Web APIs | MDN

The XMLHttpRequest.withCredentials property is a boolean value that indicates whether or not cross-site Access-Control requests should be ...

Enabling Cross-Origin Requests in ASP.NET Web API 2

Credentials require special handling in a CORS request. By default, the browser does not send any credentials with a cross-origin request.

Include credentials on cross-origin requests

Cross -origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell a browser to let a web application running...

axios cross domain cookies | The AI Search Engine You Control

I'm working on a Vue project right now,Cookie cannot be carried due to cross-domain request,I tried setting withCredentials to true in Axios,But it...