未收到带有 axios 发布请求的 Set-Cookie 标头

2022-01-01 00:00:00 axios php javascript vue.js

我有一个 PHP 脚本,如果直接在浏览器中(或由邮递员)调用,它会成功返回一些简单的标头以及 set-cookie 标头.我可以从 chrome devTools 读取这样的响应头.但是一旦我通过 Axios 调用它,set-cookie 标头就不会出现,并且浏览器中也没有保存 cookie.

I have a PHP Script which successfully returns some simple Headers as well as a set-cookie header if called directly in the browser (or by postman). I can read the response-headers like that from chrome devTools. But as soon as I call it by Axios, the set-cookie header doesn't show up and there's no cookie saved in the browser.

我尝试了不同的方法,例如更改服务器端的响应标头并将withCredentials: true"与 axios 结合使用,但没有任何效果.我什至没有收到错误或任何与 cors 相关的问题.

I tried diffrent things like changing the response-headers server-side and using "withCredentials: true" with axios, but nothing worked. I don't even get an error or any cors-related problems.

PHP:

header("Access-Control-Allow-Origin: http://localhost:8080");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Methods: POST, GET");
header("Access-Control-Allow-Credentials: true");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
header("Access-Control-Max-Age: 99999999");
setcookie("TestCookie", "Testing", time() + 3600, "/", "localhost", 0);
die();

JS:

Vue.prototype.$http = axios.create({
    baseURL: XYZ,
    withCredentials: true
})

所以我的第一个问题是为什么直接调用php脚本时会出现header?以及如何存档以通过 axios 获取标题?

So my first question is why does the header appear when calling the php script directly? And how can I archive to get the header through axios too?

推荐答案

可能 cookie 是 'httpOnly',这意味着客户端 javascript 无法读取它.因此它没有显示在 chrome cookie 部分.在 mozilla 中测试相同的请求,将显示标题.

probably cookie is 'httpOnly', which means client side javascript can not read it. Therefore it is not showing in chrome cookie section. test the same request in mozilla, header will show up.

相关文章