Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Chrome localhost cookie not being set

I have an ASP.net application that uses a cookie to store the user selected language. Everything works fine except when I'm on localhost. Replacing localhost by 127.0.0.1 makes it work again... why?

I saw intended restrictions to file:// but I can't actually find any reference to intended restriction to localhost.

What I can't really understand is why the ASP.net Session (ASP.NET_SessionId) and ASP.net Forms Authentication Cookies (.FSAUTHSSO) are correctly set for the localhost domain but my cookies aren't... why?!

I already googled a lot and nothing works:

  • Setting the Chrome command line flag --enable-file-cookies [DOES NOT WORK]
  • Setting the cookie to HttpOnly [DOESN'T MATTER]
  • Changing Expiration to Session or to a Date... [DOESN'T MATTER]
  • Changing the Cookie Path to Root (/) or to anything else [DOESN'T MATTER]

So what does matter? :)

And why can the ASP.net cookies be set and mine don't? What's the difference?

Last thing just to mention that this also happens on IE but works fine on FF.

Thanks!

Alex

like image 343
AlexCode Avatar asked Sep 08 '11 10:09

AlexCode


People also ask

Why is cookie not being set?

Check out the OPTIONS response header ACCESS-CONTROL-ALLOW-CREDENTIAL whether it is set to true . If the server doesn't allow credentials being sent along, the browser will just not attach cookies and authorization headers. So this could be another reason why the cookies are missing in the POST cross-site request.

Can we set cookie in localhost?

Secure cookies are set only on HTTPS, but not on http://localhost for all browsers.

Why localhost is not opening in Chrome?

What you can do is go to Chrome setting > Privacy and Settings > See all the cookies and site data , search for localhost and delete it. Then refresh your site it will be working.


1 Answers

Cookies are designed for second level and down. First level domains will not work. Instead you should use the address http://127.0.0.1 (as you mentioned) or you could edit your hosts file to map a different URL with a TLD to the address 127.0.0.1 such as:

yoursite.tld   127.0.0.1 

Just researched this further; found this answer: Cookies on localhost with explicit domain

like image 190
chrisburke.io Avatar answered Sep 18 '22 14:09

chrisburke.io