0

I am using XAMPP and opening a website hosted on PC desk from another PC in local network.

I am using Laravel Passport with CreateFreshApiToken middleware. When I am posting to my GraphQL API from PC "desk", everything works fine, but posting from another PC fails: no cookies are being sent.

Cookies are HTTP-Only. I am wondering if this is some cross domain issue, but I am using the same domain everywhere: http://desk and http://desk/graphql for my API.

Why are cookies not being sent?

Apollo Client setup

const httpLinkSecret = new HttpLink({
  // You should use an absolute URL here
  uri: "http://desk/graphql"
});
 var csrfToken = window.csrfToken;
Vue.prototype.csrfToken = window.csrfToken;
const authMiddleware = new ApolloLink((operation, forward, error) => {
  // add authorization to the headers
  operation.setContext({
    headers: {
      "X-CSRF-TOKEN": csrfToken
    }
  });
  return forward(operation);
});


const apolloClientSecret = new ApolloClient({
  link: authMiddleware.concat(errorLink).concat(httpLinkSecret),
  cache: new InMemoryCache(),
  connectToDevTools: true
});

EDIT 1

I figured out that on other machines it works on Chrome (only Desktop, not mobile) but not in Edge.

EDIT 2

If I simply do

var xhr = new XMLHttpRequest();
xhr.open('POST', '/graphql', true);

xhr.onload = function () {
  // Request finished. Do processing here.
};

xhr.send(null);

Then cookie header is being appended. Why does it not work with Apollo Client?

Zezi Reeds
  • 1,286
  • 1
  • 16
  • 29
  • Show your Laravel code, where you are trying to attach cookies, please – Tarasovych Apr 23 '19 at 06:24
  • @Tarasovych These are being attached by Laravel automatically (Laravel Session, Laravel Token, XSRF-token). – Zezi Reeds Apr 23 '19 at 09:13
  • Also, they are only not being attached to GraphQL xhr requests, normal requests work just fine – Zezi Reeds Apr 23 '19 at 09:15
  • 1
    Try to attach some cookie manually to your GraphQL response and see if it appears in the browser – Tarasovych Apr 23 '19 at 09:16
  • They are not. I created another post request "/somepost" to test, and there cookie header is being attached to the request. Wondering why this doesn't work with /graphql. – Zezi Reeds Apr 23 '19 at 09:43
  • Dig into your methods or GraphQL package... Can't tell you exactly, because you've not provided GraphQL methods/package name/smth other – Tarasovych Apr 23 '19 at 09:46
  • I think this must be an issue with my Apollo-Client implementation above. If I make a simple XHR request then cookie header is being appended. To my apollo requests its not. But cant figure out whats wrong – Zezi Reeds Apr 23 '19 at 10:16

0 Answers0