Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Cookies not sent with request for Web App manifest.json

Tags:

javascript

cookies

progressive-web-apps

web-app-manifest

I am trying to enable PWA on a web site that requires authentication (login tokens managed via Cookies)..

I am trying this out locally (http://localhost:4502) and login (and am issued the login cookie) for the web site.

The problem is when the Web App manifest is requested, no Cookies are sent on the request, so the request is not authenticated.

<link rel="manifest" href="/content/site-x/manifest.json">

As you can see the manifest is served off the the same host/scheme as the web page that includes it.

Do the requests for the the manifest have cookies passed along? I even set my login cookie to be as lax as possible, but nothing. The cookies are sent on all the other requests (JS, CSS, etc.) -- Is there something special about localhost perhaps? Or that its not http?

like image 571
empire29 Avatar asked Aug 10 '18 00:08

empire29

People also ask

What is manifest JSON in website?

The web app manifest is a JSON file that tells the browser about your Progressive Web App and how it should behave when installed on the user's desktop or mobile device.

What is PWA manifest JSON?

The web app manifest is a JSON file that defines how the PWA should be treated as an installed application, including the look and feel and basic behavior within the operating system.

Why manifest JSON is needed?

Using manifest. json , you specify basic metadata about your extension such as the name and version, and can also specify aspects of your extension's functionality (such as background scripts, content scripts, and browser actions).

What does manifest JSON mean?

The manifest. json is a simple JSON file in your website that tells the browser about your website on user's mobile device or desktop. Having a manifest is required by Chrome to show the Add to Home Screen prompt.

1 Answers

According to the https://developers.google.com/web/fundamentals/web-app-manifest/

The request for the manifest is made without any credentials (even if it's on the same domain), thus if the manifest requires credentials, you must include crossorigin="use-credentials" in the manifest tag.

So adding <link rel="manifest" href="/manifest.json" crossorigin="use-credentials"> for both cross domain as adding server cookies in the request for the manifest

like image 162
Stefan van de Vooren Avatar answered Oct 08 '22 19:10

Stefan van de Vooren
Sign in to Comment

Related questions

Google Chrome Extension Manipulate DOM of Open or Current tab
Prevent a double click on a button with knockout.js
How to set the id of a View in Backbone.js?
How to execute a function after some time
javascript get timestamp in system timezone not in UTC
Difference between Object.getPrototypeOf vs __proto__
Creating a .net like dictionary object in Javascript
Can I pass the templateUrl to the directive - AngularJS
Return a promise from a controller action in Ember?
Can Bootstrap be loaded asynchronously?
Finding Javascript-Applied Inline Styles to Debug Javascript
Multiple Select limit number of selection
Click on Google Maps API and get the address
Javascript (ECMA-6) class magic method __call like PHP
How to disable warnings about 'this' and strict mode using JSHint?
Template Literals from external file
Reset initial state in React + ES6
Write a string containing commas and double quotes to CSV
How to select element by 'role' attribute and filter by class with vanilla JS?
Angular material 2 datepicker with [ngmodel]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!