I'm struggling with the problem in title for already couple of days with no success. I have an ASP.NET MVC 3 REST server which requires basic authentication. I want to write JS API accessing this server in AJAX way using XMLHHttpRequest.
For response to any http request including AJAX ones server adds "Set-Cookie: ASP.NET_SessionId=<session id here>; path=/; HttpOnly" header - that's ok. But it seems that Set-Cookie header is not processed by browser in any way - so even if I do next request with the same XMLHttpRequest object the cookie is not set properly and I can't maintain the session. What I might be doing wrong?
My script has been tested in 开发者_Go百科Firefox 6 and Safari 5 and I have the same problem happening in both browsers.
Although I haven't found any relevant solution to the original problem, I've been able to overcome it by implementing my custom transport for ASP.NET session and authentication artifacts.
In general, in my solution all ASP.NET artifacts are transfered from server to clients as JSON string appended to response content, and from clients to server - as custom HTTP headers.
Not sure that I haven't reinvented the wheel by doing that, but at least it works...
Your subject mentions you are using CORS. If so, try adding the following header to your response:
Access-Control-Allow-Credentials: true
Make sure you don't have this icon in Chrome address bar. They started blocking cookies from other domains, so your session id is lost.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论