why does my angular response interceptor not have the cookies listed?

Question

I am setting a few cookies from my node backend like so:

res.setHeader('Set-Cookie', 'id=' + result.id + '; expires=' + new Date(new Date().getTime() + (1800 * 1000)).toUTCString() + '; path=/');

I would like to know when this expires in my Angular app, so I setup a $http response interceptor and my interceptor returns with a response property:

response: function(response) {

    console.log(response.headers());
    return response;
}

But response.headers() show all headers but the cookies, though I am able to see them on Chrome's Network tab. I am not setting the cookies to be httpOnly anywhere explicitly. What am I missing here?

score 0 · Answer 1 · answered Jan 29 '16 at 01:31

0

This is a CORS issue.

Set-Cookie needs to be added to the list of allowed headers on the server.

app.use(function(req, res, next) {
    res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Set-Cookie");
    next();
});

answered Jan 29 '16 at 01:31

gnerkus

11,357
6
47
71

no luck. I added 'Set-Cookie', and that didn't show anything. I had to use $cookie inside the $httpProvider.interceptor to get the values. – srrvnn Jan 29 '16 at 18:26

score 0 · Answer 2 · answered Jan 29 '16 at 03:27

0

If the call you are making to set those cookies is an ajax request then you need to make sure you set the withCredentials config option to true on the $http service. See Angular docs for more details.

answered Jan 29 '16 at 03:27

Kent Cooper

4,319
3
19
23

no luck. i added this in the $httpProvider.defaults. don't see any change. – srrvnn Jan 29 '16 at 18:25

why does my angular response interceptor not have the cookies listed?

2 Answers2