Set-Cookie not working on Opera/Firefox but it does on Postman. (express)

Question

I've been reading for a whole day about people who had this same problem and i've tried everything I could, but cant seem to make it work.

I think it's related to browser security policy, my server and client are running both on different localhost ports and browser threats them as different domains.

However, as I said, the cookie its set if I make the post request from Postman.

Cookieparser and cors are enabled and tried multiple configurations for them, none worked.

Also tried different settings for domain and path with same result.

I also thought that it could be related to my browser addons or something like that, but I tried with incognito, other browsers and got the same results...

The client app its on Angular, but I doubt that has anything to do with the problem from what I've read.

res.cookie("SESSIONID", jwtBearerToken, { domain: 'localhost', secure: false, httpOnly: false, path: '/', maxAge: 9000000 }).send();

What I get on browser:

REQUEST AND RESPONSE

Thanks

score 1 · Accepted Answer · answered Nov 17 '18 at 13:00

Solved it myself.

Had to specify the origin, seens like wildcard '*' wasnt valid with credentials

app.use(cors({
    origin: 'http://localhost:4200',
    credentials: true
}));

Then on my angular http request I had to add withCredentials: true (which I already tried, but using the wildcard on the origin).

Hope this is useful for anyone!

Set-Cookie not working on Opera/Firefox but it does on Postman. (express)

1 Answers1