0

I made a cross-origin HTTP request from the website 'demo.home.com' to 'demo.company.com' using the Fetch api with the credentials set to 'include'. There are two cookies. One is 'cookie_home=123; Domain=demo.home.com', the other is 'cookie_company=456; Domain=demo.company.com'. As a result, the cookie 'cookie_company' was included by the request. Is there any way to let the cookie 'cookie_home' be included by the request?

// the request is made in the website 'http://demo.home.com'
// the cookies are:
// 'cookie_home=123; Domain=demo.home.com'
// 'cookie_company=456; Domain=demo.company.com'
fetch('http://demo.company.com/api/test', {
    method: 'GET',
    credentials: 'include'
});
sideshowbarker
  • 72,859
  • 23
  • 167
  • 174
lancewu
  • 23
  • 2
  • Possible duplicate of [Fetch API with Cookie](https://stackoverflow.com/questions/34558264/fetch-api-with-cookie) – t3__rry Mar 27 '19 at 08:46
  • It is a different question. it focuses on how to include the cookies with the domain of the host origin instead of the domain of the target url. – lancewu Mar 27 '19 at 08:58

1 Answers1

0

You can't. fetch (and XMLHttpRequest) provide no mechanism to manually set cookies in a request.

They'll only send cookies in the browser's cookie jar for the target URL. This applies the normal rules for which domain a cookie belongs to.

You need to use some other mechanism to send the data you would store in the cookies.

Quentin
  • 857,932
  • 118
  • 1,152
  • 1,264
  • Thanks for your help. I agree with your answer. I have to think of other ways to solve my problems. – lancewu Mar 27 '19 at 09:42