xdomain requests are used unneccessarily, omitting cookies #97

Closed
plievone opened this Issue Jan 31, 2013 · 12 comments

5 participants

@plievone

I upgraded to 0.4.x and wondered quite a while why cookies were not transferred for same domain requests (on default port 80, omitting port from the url). The culprit was that eio used xdomain requests for the same domain, despite the good fixes earlier. I will look into this. On the other hand, decreasing the header size by omitting cookies could be feature too, but xdomain doesn't work on all browsers.

@rauchg

@plievone all really solid points. It hadn't occured to me that using xdomain to avoid cookies when xdomain is available could end up being a feature, but that really sounds like a cool optimization :D

@rauchg

Especially in a world of multiple Cookie headers with huge hashes inside.

@plievone

Yes, and I should add here that currently as xdomain is defaulted to more than needed, eio will fall back to jsonp more than needed. I wonder how many of the open jsonp tickets on engine.io and engine.io-client could be circumvented by just using same domain xhr (not always possible). When enforced, same domain xhr long polling works fine for me on iE6 and old mobile browsers too. Perhaps it would be better to advice against JSONP altogether.

@polidore

I am having the same issue when I use engine.io in ie9. any pointers here?

@polidore polidore referenced this issue in socketstream/socketstream Apr 1, 2013
Closed

IE not sending cookie on engine.io xhr requests #364

@oroce

I could reproduce this issue, the problem is with location.host and location.port in IE.

@rauchg

@oroce can you elaborate please?

@oroce

@guille: yup. I've already fixed in my local clone of the repo, I'm gonna run some tests, and create a pull request.

@rauchg

@oroce you're the man

@oroce

Actually, fix is here: brozie@b5c982c...df01aea

Currently I'm looking for some kind of test to cover this. Any idea?

ps: we are using engine.io-client with this modification in production since february and our load balancing based on io cookie. (so far we haven't got any xdomainrequest)

@rauchg

@oroce LGTM, don't worry about tests

@defunctzombie

seems this issue was fixed a while back

@polidore
@rauchg rauchg closed this Dec 8, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment