You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Questions about cookies in axios have come up a lot in the past, yet, I haven't figured out yet what exactly is the behavior. And this confusion comes from a behavior that I didn't expect to happen. Let me explain.
I have an axios instance created on a mobile app that has the basic configuration to contact a server. All server APIs are routed through this only instance.
The server will serve both the mobile app, and a website. It requires authentication through a token, either from a cookie in the header or as a query param.
Upon authentication, the server responds with a "set-cookie" header containing the token. For the website, it will take advantage of browser's behavior with cookies, saving and passing cookies along with requests in future requests. In the mobile app, I manually check the "set-cookies" header, retrieve and save the token.
In all my past attempts, trying to access any server API from the mobile app, without explictly including a cookie with the token, or without explcitly including the token as a query param, failed the request with the server denying access due to missing token.
Today however, while working on some new APIs in the mobile app, I completely forgot to include the token in either place (header or query param). These new APIs however worked correctly. When I noticed, I have checked the request on the server, and indoubtly, there was a cookie with the authentication token since the initial authentication response.
In many other people's questions, it is always mentioned that axios will not pass cookies further automatically the same way a browser would - yet, here I am making requests through an axios instance that, it seems, passes cookies along just fine.
So now I am wondering, what is the behavior of axios with cookies?
Is the behavior I experienced specific to an axios instance only?
Does axios discard them after presenting the server response (resolving the promise)?
Does axios pass the cookies along in future requests?
Can I rely on an axios instance passing cookies along in it's requests?
p.s. with "axios instance" I mean an object returned by axios.create({ ... });
The text was updated successfully, but these errors were encountered:
Nothing special. For axios, there is no word called cookies, only headers.
If you want to send requests with cookies, make sure XHR (axios depends on XHR in browsers) can send it. If you want to read cookies from the response, make sure cookies are not http-only. For more details, maybe you can read my personal notes.
If you have further issues, make sure you have followed the issue template. Thanks.
Thank you for at least trying to help me...
I see that axios has no interest in defining common behavior for it's headers between the underlying adapters, so I'll go back to using XHR since I have to study it anyway in order to figure out what will happen with my headers and requests/responses.
Questions about cookies in axios have come up a lot in the past, yet, I haven't figured out yet what exactly is the behavior. And this confusion comes from a behavior that I didn't expect to happen. Let me explain.
I have an axios instance created on a mobile app that has the basic configuration to contact a server. All server APIs are routed through this only instance.
The server will serve both the mobile app, and a website. It requires authentication through a token, either from a cookie in the header or as a query param.
Upon authentication, the server responds with a "set-cookie" header containing the token. For the website, it will take advantage of browser's behavior with cookies, saving and passing cookies along with requests in future requests. In the mobile app, I manually check the "set-cookies" header, retrieve and save the token.
In all my past attempts, trying to access any server API from the mobile app, without explictly including a cookie with the token, or without explcitly including the token as a query param, failed the request with the server denying access due to missing token.
Today however, while working on some new APIs in the mobile app, I completely forgot to include the token in either place (header or query param). These new APIs however worked correctly. When I noticed, I have checked the request on the server, and indoubtly, there was a cookie with the authentication token since the initial authentication response.
In many other people's questions, it is always mentioned that axios will not pass cookies further automatically the same way a browser would - yet, here I am making requests through an axios instance that, it seems, passes cookies along just fine.
So now I am wondering, what is the behavior of axios with cookies?
Is the behavior I experienced specific to an axios instance only?
Does axios discard them after presenting the server response (resolving the promise)?
Does axios pass the cookies along in future requests?
Can I rely on an axios instance passing cookies along in it's requests?
p.s. with "axios instance" I mean an object returned by
axios.create({ ... });
The text was updated successfully, but these errors were encountered: