0

I made a cross-origin HTTP request from the website 'demo.home.com' to 'demo.company.com' using the Fetch api with the credentials set to 'include'. There are two cookies. One is 'cookie_home=123; Domain=demo.home.com', the other is 'cookie_company=456; Domain=demo.company.com'. As a result, the cookie 'cookie_company' was included by the request. Is there any way to let the cookie 'cookie_home' be included by the request?

// the request is made in the website 'http://demo.home.com'
// the cookies are:
// 'cookie_home=123; Domain=demo.home.com'
// 'cookie_company=456; Domain=demo.company.com'
fetch('http://demo.company.com/api/test', {
    method: 'GET',
    credentials: 'include'
});
sideshowbarker
  • 81,827
  • 26
  • 193
  • 197
lancewu
  • 23
  • 3
  • Possible duplicate of [Fetch API with Cookie](https://stackoverflow.com/questions/34558264/fetch-api-with-cookie) – t3__rry Mar 27 '19 at 08:46
  • It is a different question. it focuses on how to include the cookies with the domain of the host origin instead of the domain of the target url. – lancewu Mar 27 '19 at 08:58

1 Answers1

0

You can't. fetch (and XMLHttpRequest) provide no mechanism to manually set cookies in a request.

They'll only send cookies in the browser's cookie jar for the target URL. This applies the normal rules for which domain a cookie belongs to.

You need to use some other mechanism to send the data you would store in the cookies.

Quentin
  • 914,110
  • 126
  • 1,211
  • 1,335
  • Thanks for your help. I agree with your answer. I have to think of other ways to solve my problems. – lancewu Mar 27 '19 at 09:42