http
http copied to clipboard
capacitor-community
Cookies from http response not being set for future requests
I could definitely be missing something in my understanding, so I apologize if that's the case, but here's the issue:
I have a React client for the frontend, and NodeJS / Express server for the backend. For authentication I use Express's passport.
When the client sends a successful login request, the server logs in the user on the backend and in the Http Response to the login Request there is a cookie called "connect.sid" (this is all thanks to passport doing it for me). This is not necessary for a developer to know, because normally that process just works, and that cookie is used in all future Requests, indicating to the server that the requester is already authenticated.
HOWEVER, while this worked great when I was using fetch to make those Http Requests, now that I want to use Capacitor and am replacing fetch with your great package (thank you, by the way), I'm finding that after that login Response with the cookie (which I can still see in the Network tab of Firefox), future requests do NOT include that cookie anymore. Additionally, I use this repo's getCookies after receiving that response and see that it is an empty list.
====
I will note that when using fetch, I passed my requests the option { credentials: "include" }, and I don't see an analogous option in this package, so perhaps it's just that. However, I don't understand the process that well, so I'm posing the question here.
Thanks!
I will add that in development my frontend is being served by the React Dev Server at http://localhost:3000, and my Express server responding to API requests is at http://localhost:9000, so perhaps there is something to do with cross-site going on here.
Same issue here - @mlynch @thomasvidas this seems to be a fairly serious problem.
Cookies for IOS won't work unless you change the hostname to your API server (which has other consequences such as Apple possibly rejecting your app and web APIs not working), which to be frank renders this plugin useless. WKAppBoundDomains don't seem to help either as some others have suggested.
Cookies for IOS won't work unless you change the hostname to your API server (which has other consequences such as Apple possibly rejecting your app and web APIs not working), which to be frank renders this plugin useless. WKAppBoundDomains don't seem to help either as some others have suggested.
I'm aware of this issue - however, the plugin also doesn't function as expected on Android either.
👋 I'm a bit confused what isn't working here. I just threw together a demo using this plugin with a simple expressjs server that sets and checks for a cookie, and I can confirm setting cookies and then having them be automatically sent on future requests is working fine on my end on both iOS and Android.
Any more info on exactly what is not working here?
And, to be clear: currently using the Web View's cookie mechanisms isn't going to work properly for the reasons others have shared here, but this plugin is making native requests and has nothing to do with the Web View. We are working on making cookies in the Web View work better with our future fetch() patch but that is a ways off.
Example repo: https://github.com/mlynch/capacitor-http-cookie-test Server: https://github.com/mlynch/capacitor-http-cookie-test/blob/main/server.js Client: https://github.com/mlynch/capacitor-http-cookie-test/blob/main/src/pages/Home.tsx
@mlynch Hi, have u tried using 'axios' and set token in the request interceptor with cookie (I'm using 'js-cookie') for other request. Hope you can re-produce this issue
