New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The browser does not store the cookies session #280

Open

danielmalaton opened this issue Jun 12, 2024 · 0 comments

danielmalaton commented Jun 12, 2024 •

edited

Loading

Context:

My frontend app is running on http://localhost:8080
My backend app (Rails) is running on http://localhost:3000. This is an API app
Setting cors like below:

Rails.application.config.middleware.insert_before 0, Rack::Cors do
  allow do
    origins 'http://localhost:8080'

    resource '*',
             headers: :any,
             methods: %i[get post put patch delete options],
             credentials: true,
             expose: ['Set-Cookie']
  end
end

Setting session store like below:

Rails.application.config.session_store :cookie_store, key: '_my_app_session', domain: :all, same_site: :none, secure: Rails.env.production?

I'm sending a POST request withCredentials true that assign value to the session e.g. session[:user_id] = user.id

Current behavior:
The response header contains the Set-Cookie:

set-cookie:	_my_app_session=<value>; path=/; httponly; samesite=none

But the browser does not store it in the Storage cookies

Expected behavior:
The browser stores it in the Storage cookies

The text was updated successfully, but these errors were encountered:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment