Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Prevent Cookies From Being Sent on AJAX Request

Tags:

jquery

ajax

I have a web service that I invoke from script but that does not need any information stored in cookies. Anytime I make a request to the service, the cookie is sent along with it. I understand that by default cookies are sent with HTTP request, but is there any way at all to override that behavior and not send the cookie?

In a nutshell, I am issuing my request like this:

$.ajax({     type: "POST",     cache: false,     url: url,     data: data,     contentType: "application/json; charset=utf-8",     dataType: "json",     success: function(response) { successFunc(response); },     error: function(xhr) { errorFunc(xhr); } }); 
like image 463
Simon Avatar asked May 13 '10 18:05

Simon


People also ask

Do cookies get sent with AJAX requests?

Basically, ajax request as well as synchronous request sends your document cookies automatically.

Can you prevent browser to send cookies?

Is not possible to prevent browser to send cookies.

Are Httponly cookies sent with AJAX?

More generally, cookies are not required for AJAX. XmlHttpRequest support (or even iframe remoting, on older browsers) is all that is technically required.

Do AJAX requests get cached?

ajax docs: By default, requests are always issued, but the browser may serve results out of its cache. To disallow use of the cached results, set cache to false.


2 Answers

Send AJAX requests to cookie-less subdomain on your server. So you app is www.mydomain.com and ajax requests are served from api.mydomain.com which you never set a cookie on. Also a great idea to do this with static files like images etc...

see the "Use Cookie-free Domains for Components" section of http://developer.yahoo.com/performance/rules.html

like image 172
Osseta Avatar answered Sep 22 '22 06:09

Osseta


Another approach would be prior to doing $.ajax:
1. get the cookies from the browser for your domain with javascript (save them in a global variable)
2. delete the cookies for your domain with javascript from the browser
3. do the $.ajax call
4. place the cookies (from the global variable) back in the browser.

If you don't need the cookies from your domain at all just delete them (so skip 1. and 4.).

like image 35
despot Avatar answered Sep 22 '22 06:09

despot