How to read "Set-cookie" from response header in React - javascript

I can not read my cookie from the response header marked with the Set-Cookie key in my browser.
I can read and get everything in the response header except for the Set-Cookie.
My cookie is in the response header in my browser but I can not get or read it in my React project.
I noticed that it is not possible to get Set-Cookie in JavaScript.
I even have an extra tab called Cookies in my browser in the Inspect section and on the Network tab, in addition to the Headers, Payload tabs, etc., that contain my cookies.
I want to know how to save my cookie after logging in?
I use axios and Redux.
Thanks to those who help me!

Related

Get set-cookie value from the response header angular

I am trying to get the set-cookie from Response Headers.
The reason of doing this is set-cookie is not setting cookie and showing the warning This attempt to set a cookie via a Set-Cookie header was blocked because its Domain attribute was invalid with regards to the current host url. Attached is the screenshot
Now I thought to get the set-cookie value from Response Header by the following code
But it always returns null for set-cookie but return the value fo expires.
Please anyone can guide how to fix this issue or how can I get the value of set-cookie from Response Header.
Any help will be highly appreciated.
Thanks
According to developer.mozilla.org set-cookie is a forbidden response header name. You cannot read it using browser-side JavaScript
Browsers block frontend JavaScript code from accessing the Set Cookie header, as required by the Fetch spec, which defines Set-Cookie as a forbidden response-header name that must be filtered out from any response exposed to frontend code.

The cookies uploaded by the Fetch API are incomplete

There is a Cookie in the request header of the request initiated by calling fetch api. Yes, I have set credentials:"include".
The problem is that the cookies only contains 'jsessionid'. But actually there is a cookie named token, which I set on the server side by response.addCookie(new Cookie("token",token));.
I use Chrome's F12 and find that the cookie named 'token' normally exists in cookies, but it is not in the cookie in the request header of the request initiated by fetch.
what should I do to ask the Fetch Api to bring it? Thanks!

when inspect Chrome's developer tools can't see a cookie being set in Storage/Cookies?

spring boot Set-Cookie header, but i can not see the cookie in Storage/Cookies, another way still can not see anything, but when i post an request, it will be send by browser automatically, my main domin is m.example.com, my request domain is api.example, i also set withCredentials = true in axios, i also find some answers in stackoverflow, but it can not solve my problem
document.cookie() // can not read JSESSIONID
set-cookie-header-has-no-effect-about-using-cookies-cors-including-for-local
CORS

Intune API - CORS not enabled when uploading file to azure via link from creating mobileAppContentFile

I called https://graph.microsoft.com/beta/deviceAppManagement/mobileApps/<id>/<LOBType>/contentVersions/<content_version_id>/files, and received the azureStorageUri from it, but when I try to upload something into it (splitting the file into chunks), I always get 403 CORS not enabled.
I add $comp=block&blockid=<base64 block id> to the received uri.
My header is:
'x-ms-block-type': 'BlockBlob'
The exact error I receive is:
<Error>
<Code>CorsPreflightFailure</Code>
<Message>CORS not enabled or no matching rule found for this request.
RequestId:ce3ea3a7-f01e-0068-24b5-2c0795000000
Time:2018-08-05T12:10:00.6698414Z</Message>
<MessageDetails>No CORS rules matches this request</MessageDetails>
</Error>
Seeing as I always get the CORS issue, I tried enabling it by following this page, but, when making the request, again I receive the same CORS error.
I'm running it in my browser, if it's any help.
I'm kinda stuck and don't know how to proceed now. I'd be happy for any help. Thanks! :)
Edit: When I make the same request via Postman, it works just fine.
I'm kinda stuck and don't know how to proceed now
If you want to send a cross-origin request successfully, the request must match the CORS configuration including the request origin, headers & response headers. By default, CORS is disabled for each service. You could add the CORS setting for storage service. We could get more information about CORS from this article.
Note: CORS is not supported for Premium Storage accounts.
We could set it from Azure portal.
You can also use the wildcard character '*' to allow all origin domains to make requests via CORS.

How To Call Medium RSS Feed

Medium has an RSS feed available at https://medium.com/feed/[#username]. I'm trying to fetch all my blog posts using an XMLHTTPRequest. When I test on local, I run into CORs errors. When I turn on CORs Chrome extension, I get a 401 error. Any ideas? Has anyone succeeded in calling Medium RSS?
To get https://medium.com/feed/[#username] content using XHR, you can make the XHR request through a proxy of some kind. For example, trying giving your current XHR code this URL:
https://cors-anywhere.herokuapp.com/https://medium.com/feed/#sideshowbarker
That’ll cause the request to go to https://cors-anywhere.herokuapp.com, a open/public CORS proxy which then sends the request on to https://medium.com/feed/#sideshowbarker.
And when that proxy gets the response, it takes it and adds the Access-Control-Allow-Origin response header to it and then passes that back to your requesting frontend code as the response.
That response with the Access-Control-Allow-Origin response header is what the browser sees, so the error message the browser is showing you now goes away, and the browser allows your frontend JavaScript code to access the response.
Or use the code from https://github.com/Rob--W/cors-anywhere/ or such to set up your own proxy.
The reason you need a proxy is, responses from https://medium.com/feed/[#username] don’t include the Access-Control-Allow-Origin response header, so your browser will refuse to let your frontend JavaScript code access those responses cross-origin.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS has more details.
This is a bug.
Bug has opened. (Dan Abramov approved)

Categories