<p>I am operating in a cross-domain scenario. During login the remote server is returning a Set-Cookie header along with <code>Access-Control-Allow-Credentials</code> set to true.</p>
<p>The next ajax call to the remote server should use this cookie.</p>
<p>CORS's <code>Access-Control-Allow-Credentials</code> is there to allow cross-domain logging. Check <a href="https://developer.mozilla.org/En/HTTP_access_control" rel="noreferrer">https://developer.mozilla.org/En/HTTP_access_control</a> for examples.</p>
<p>For me it seems like a bug in jQuery (or at least a feature-to-be in the next version).</p>
<p>UPDATE:</p>
<ol>
<li><p>Cookies are not set automatically from an AJAX response (citation: <a href="http://aleembawany.com/2006/11/14/anatomy-of-a-well-designed-ajax-login-experience/" rel="noreferrer">http://aleembawany.com/2006/11/14/anatomy-of-a-well-designed-ajax-login-experience/</a>)</p>
<p>Why?</p></li>
<li><p>You cannot get the value of the cookie from the response to set it manually (<a href="http://www.w3.org/TR/XMLHttpRequest/#dom-xmlhttprequest-getresponseheader" rel="noreferrer">http://www.w3.org/TR/XMLHttpRequest/#dom-xmlhttprequest-getresponseheader</a>)</p>
<p>I'm confused..</p>
<p>There should exist a way to ask <code>jquery.ajax()</code> to set the <code>XMLHttpRequest.withCredentials = "true"</code> parameter.</p></li>
</ol>
<p><strong>ANSWER:</strong> You should use the <code>xhrFields</code> param of <a href="http://api.jquery.com/jQuery.ajax/" rel="noreferrer">http://api.jquery.com/jQuery.ajax/</a></p>
<p>The example in the documentation is:</p>
<pre><code>$.ajax({
   url: a_cross_domain_url,
   xhrFields: {
      withCredentials: true
   }
});
</code></pre>
<p>It's important as well that the server answers correctly to this request. Copying here great comments from @Frédéric and @Pebbl:</p>
<p><code>Important note: when responding to a credentialed request, server must specify a domain, and cannot use wildcarding.
The above example would fail if the header was wildcarded as: Access-Control-Allow-Origin: *</code></p>
<p>So when the request is:</p>
<pre><code>Origin: http://foo.example
Cookie: pageAccess=2
</code></pre>
<p>Server should respond with:</p>
<pre><code>Access-Control-Allow-Origin: http://foo.example
Access-Control-Allow-Credentials: true
[payload]
</code></pre>
<p>Otherwise the payload won't be returned to the script. See: <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Requests_with_credentials" rel="noreferrer">https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Requests_with_credentials</a></p>
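The server-side rule quoted above, as an added example that is not part of the original post or of jQuery: it picks the response headers for a credentialed request from an explicit origin allowlist and models the browser check that decides whether the script may read the payload. `ALLOWED_ORIGINS`, `corsHeadersFor` and `scriptMayRead` are hypothetical names, the origins are constructed sample values, and the `Vary: Origin` header is an addition the post does not mention.

```javascript
// Constructed allowlist: only these origins may make credentialed requests.
const ALLOWED_ORIGINS = new Set(["http://foo.example"]);

// Server side: choose CORS response headers for the request's Origin header.
function corsHeadersFor(origin, allowed = ALLOWED_ORIGINS) {
  // Missing or unlisted origin: send no CORS headers, so the browser
  // withholds the response from the calling script.
  if (!origin || !allowed.has(origin)) return {};
  return {
    "Access-Control-Allow-Origin": origin,      // exact origin, never "*"
    "Access-Control-Allow-Credentials": "true",
    "Vary": "Origin",                           // response differs per origin, so caches must key on it
  };
}

// Browser side (model): may the script read the response?
function scriptMayRead(requestOrigin, headers, withCredentials) {
  const acao = headers["Access-Control-Allow-Origin"];
  if (!withCredentials) return acao === "*" || acao === requestOrigin;
  // Credentialed request: a wildcard is rejected, and
  // Access-Control-Allow-Credentials must be the literal string "true".
  return acao === requestOrigin &&
         headers["Access-Control-Allow-Credentials"] === "true";
}

// Constructed sample responses for a request sent with withCredentials: true.
const samples = [
  ["allowlisted origin", "http://foo.example", corsHeadersFor("http://foo.example")],
  ["unlisted origin", "http://other.example", corsHeadersFor("http://other.example")],
  ["wildcard response", "http://foo.example",
    { "Access-Control-Allow-Origin": "*", "Access-Control-Allow-Credentials": "true" }],
];
for (const [label, origin, headers] of samples) {
  console.log(label, "->", scriptMayRead(origin, headers, true) ? "readable" : "blocked");
}
```

Echoing back whatever `Origin` the request carries would also satisfy the browser, so the allowlist lookup is what keeps arbitrary sites from reading authenticated responses.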