Hi all. I'm using webpack-dev-server to serve up my files during development so I get that sweet, sweet hot reload. However, my API is on a different port, so I have to enable CORS for the time being.When I submit the login form with an xhr (not using action, just submitForm + $http service), it gives me the login successful message and writes the cookie to the browser as it should. However, subsequent requests from the browser that check for "req.user" on the server can't find it. When I do the same subsequent requests in Postman, however, it works just fine.Just to be sure, I hosted the front-end from Express instead (rather than webpack-dev-server on a different port), disabled CORS, and both the browser and the Postman workflow were working properly.I'd like to be able to use the hot reload / other goodies and test the login system / other APIs at the same time. Am I missing some fundamental knowledge about how session IDs / http-only cookies operate in a CORS environment? I googled around quite a bit and couldn't find anything definitive.Any tips would be appreciated :)
Submitted February 22, 2016 at 05:09PM by excessivecaffeine
No comments:
Post a Comment