Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
Nikita Shchypylov2018-08-24 00:14:57
CORS
Nikita Shchypylov, 2018-08-24 00:14:57

Why do I see a cookie in the response from the server but not in the storage?

Hello! devServer at :3000, Express at :8080, I'm trying to put a cookie in the response from the server.
Backing code:

app.use(cors({
  origin: "http://localhost:3000"
}));
Router.route("/login").post((req, res) => {
  UserSchema.findOne({login:req.body.login}).then(user => {
    if (user === null) {
      UserSchema.create(req.body).then((data) => {
        res.cookie("userID" , data._id, { HttpOnly: true}).send(data);
      });
    }
    else {
      if (user.password === req.body.password) {
        res.cookie("userID" , user._id, { maxAge: 900000, httpOnly: true}).send(user)
      } else {
        res.send({error: {message: "Wrong password"}})
      }
    }
  })
});

Front (I use axios):
const axiosInstance = axios.create({
  baseURL: process.env.BASE_URL,
  headers: {
    'Access-Control-Allow-Origin': '*',
  }
});

Here's what I get:
5b7f23b1a985b254469316.png
In Cookies I see my cookie, but not in document.cookie.
Why?
Thanks

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
D
Dmitry Belyaev, 2018-08-24
@bingo347

Because the code needs to be copied wisely...
res.cookie("userID" , data._id, { HttpOnly: true} )
PS Access-Control-Allow-Origin is a server header, it makes no sense to send it from the client

Report
A
Alexey Emelyanov, 2015-02-16
@Chekhoved

Replace
on the

<?php
$curPage = $APPLICATION->GetCurPage(true);
if (
            $curPage == SITE_DIR."index.php"
){?>

<div class="logo-up"><img src="<?=SITE_TEMPLATE_PATH?>/images/logo-up.png"  alt="" /></div>

<?}else{?>

<div class="logo-up"><a href="<?=SITE_DIR?>"><img src="<?=SITE_TEMPLATE_PATH?>/images/logo-up.png"  alt="" /></a></div>

<?}?>

Report
O
Oleg Titarenko, 2015-02-17
@olegtytarenko2 

$actual_link = "http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
        if(SITE_DIR == $actual_link) {
            return true;  //Если главная
        } else {
            return false; //Если не главная
        }

Report
G
Gluck Virtualen, 2015-02-17
@gluck59

In the right CMS, the body or page IDs change depending on what page is currently displayed. Based on this, you can truncate the output of your a href site_dir.
If the CMS is wrong, then only "scams"...

Similar questions
A
Andrei Smirnov2017-10-02 22:36:54
How to turn off CORS in Chrome mobile browser? 0Reply
K
Konstantin2020-02-22 11:53:15
Why does CORS swear if the address is the same? 1Reply
A
alex-bul2020-03-22 04:34:10
How to send a CORS request? 0Reply
I
IDONTSUDO2020-03-27 10:07:58
CORS what could be the problem? 0Reply
Z
zlodiak2017-12-17 19:25:27
How to enable Access-Control-Allow-Origin in json-server? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question