2

i am playing around with Postman to get some insight on how things work behind the curtain and ran into, what I believe, is an issue but wanted to ask before I create a new issue on GitHub.

I am intercepting the request from my browser to the same site using the Postman Interceptor to use the request values in the native app. I have cookies enabled and the site (the whole domain) whitelisted.

When I use the history to resend the same request that was captured I get an auth error that is caused by the fact that the cookies are not included in the request (found that out by checking the cURL code snippet). I believe the reason for that is, that the cookies are set under another sub domain than that the request is send to.

I will try to include some pictures to clarify. My question here is: Am I missing something/did I set something up in the wrong way or is this an issue and I should create an issue in the official Postman Github page

cURL request

Cookies in Postman Native App

Medre
  • 21
  • 2
  • do you capture cookies also setup for the domain ? – PDHide Feb 01 '21 at 11:40
  • @PDHide I have setup the whitelist in the [Native App like this](https://gyazo.com/699edb28215496c01297eeb946f0b644) and in the chrome addon I only have the tr.playblackdesert.com address. I can see all the cookies in Postman though, they just dont get send in the request – Medre Feb 01 '21 at 13:31
  • you should goto interceptor and select cookies and capture cookies for the specified domain – PDHide Feb 01 '21 at 13:34
  • @PDHide I already do, as you can see in my question the screenshot titled as "Cookies in Postman Native App" the cookies are being captured, they are just not being send in the request – Medre Feb 01 '21 at 13:43

1 Answers1

0

you should see if cookie is being send not using code snippet but the console :

enter image description here

its indeed sending cookies ,

PDHide
  • 18,113
  • 2
  • 31
  • 46
  • It is sending cookies but not the cookies of the top level domain itself (google.com) but of the subdomain (some-random-stuff.google.com). I would need the whole cookies as the authentication cookies are saved on the main page but the processing of the request (where I send my POST request) is done on a subdomain – Medre Feb 01 '21 at 16:25
  • 1
    I will just take this route instead https://www.youtube.com/watch?v=lqqYBLJR1Yc thanks for the help though – Medre Feb 01 '21 at 16:47
  • Glad if thats what you wanted :) – PDHide Feb 01 '21 at 17:21