Menu
Okay, this is really kinda starting to bug me. I have a simple Web project setup located at: "C:\Projects\MyTestProject\". In IIS on my machine, I have mapped a virtual directory to this location so I can run my sites locally (I understand I can run it from Visual Studio, I like this method better). I have named this virtual directory "mtp" and I access it via http://localhost/mtp/index.aspx. All this is working fine.
However, whenever I try to create a cookie, it simply never gets written out? I've tried this in FF3 and IE7 and it just plain won't write the cookie out. I don't get it. I do have "127.0.0.1 localhost" in my hosts file, I can't really think of anything else I can do. Thanks for any advice.
James
877
Check out the OPTIONS response header ACCESS-CONTROL-ALLOW-CREDENTIAL whether it is set to true . If the server doesn't allow credentials being sent along, the browser will just not attach cookies and authorization headers. So this could be another reason why the cookies are missing in the POST cross-site request.
Secure cookies are set only on HTTPS, but not on http://localhost for all browsers. And because SameSite:none and __Host also require the cookie to be Secure , setting such cookies on your local development site requires HTTPS as well.
Yes, by default ASP.NET Session use cookies.
You may use Request. Cookies collection to read the cookies. Show activity on this post. HttpContext.
The cookie specs require two names and a dot between, so your cookiedomain cannot be "localhost". Here's how I solved it:
Add this to your %WINDIR%\System32\drivers\etc\hosts file: 127.0.0.1 dev.livesite.com
When developing you use http://dev.livesite.com instead of http://localhost
Use ".livesite.com" as cookiedomain (with a dot in the beginning) when creating the cookie. Modern browsers doesn't require a leading dot anymore, but you may want to use anyway for backwards compability.
Now it works on all sites:
194
Since an answer has never been chosen, I suppose I can still throw something else out there.
One reason you can run into no cookies being written with an application running under localhost is the httpCookies setting in the web.config. If the domain attribute was set to a specific domain and you run under localhost, the cookies did not get written for me.
Remove the domain attribute in development and the cookies are written:
<!-- Development --> <httpCookies httpOnlyCookies="true" requireSSL="false" /> <!-- Production --> <!--<httpCookies domain=".domain.com" httpOnlyCookies="true" requireSSL="true" />--> If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
