I'm trying to send a login request to a server that uses cookies. The request works perfectly in Insomnia client. My request looks like this:
POST: https://website.com/...
Headers:
* accept: application/json, text/plain, */*
* accept-language: fr,fr-FR;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6,hr;q=0.5
* content-type: application/json
* [custom-header-field]: jk#Bea201
Body is json:
{ "email": "...", "password": "..." }
When I send the request it works. Returns a 200 with response data + set-cookie headers. However, the code generated by insomnia doesn't work. Here it is :
const fetch = require('node-fetch');
let url = '...';
let options = {
method: 'POST',
headers: {
accept: 'application/json, text/plain, */*',
'accept-language': 'fr,fr-FR;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6,hr;q=0.5',
'content-type': 'application/json',
'custom-field-...': 'jk#Bea201'
},
body: '{"email":"...","password":"..."}'
};
fetch(url, options)
.then(res => res.json())
.then(json => console.log(json))
.catch(err => console.error('error:' + err));
For some reason, running this code makes my node program hang, no error message. It only works when I add the cookies that I receive from the Insomnia request into the headers. But to my understanding, there is no way of me knowing in advance what those cookies are. I have even tried using fetch-cookie, and it gives the same result. Doing it with curl gives me the following error:
<HTML><HEAD>
<TITLE>Access Denied</TITLE>
</HEAD><BODY>
<H1>Access Denied</H1>
You don't have permission to access "http://[website];com/authentication/login" on this server.<P>
Reference #18.44c01160.1645662994.95d786
</BODY>
</HTML>
Is this because of CORS?
