starter

starter copied to clipboard

This allows cookies to be sent from an origin other than the primary origin. This can be useful if you want to have multiple sites hosted from different sub-domains but using the same API. Additionally, in development mode, this allows you to use a separate server (such as Ionic dev server) to go against the same API.

There shouldn't be any security concerns as this by default uses the same origin. It only allows changes if you specifically want to whitelist a particular domain to allow cookies from there.

Pass in allowed values as a comma-separated string:

SESSION_ALLOWED_ORIGINS=http://localhost:8100,https://sub.mydomain.com