我有一个Angular(4)客户端(localhost:4200),它调用一个ASP MVC CORE 2 WebApi。其中一个调用http://localhost:5000/api/session/resume
会返回一个cookie以及响应。为什么我的浏览器不存储ASP MVC CORE 2 cookie?
在操作方法中,我返回了3个Cookie用于测试目的。
[AllowAnonymous, HttpPost, Route("api/session/resume")]
public async Task<AccountSignInResponse> Resume([FromBody]SessionResumeCommand command)
{
AccountSignInResponse apiResponse = await Mediator.Send(command);
if (!apiResponse.HasErrors) {
Response.Cookies.Append("TestCookie", ..., new CookieOptions
{
Domain = "localhost",
Expires = DateTimeOffset.Now.AddDays(100),
HttpOnly = false
});
Response.Cookies.Append("TestCookie4200", ..., new CookieOptions
{
Domain = "localhost:4200",
Expires = DateTimeOffset.Now.AddDays(100),
HttpOnly = false
});
Response.Cookies.Append("TestCookie5000", ..., new CookieOptions
{
Domain = "localhost:5000",
Expires = DateTimeOffset.Now.AddDays(100),
HttpOnly = false
}); }
return apiResponse;
}
该请求的报头是
Request URL:http://localhost:5000/api/session/resume
Request Method:POST
Status Code:200 OK
Remote Address:[::1]:5000
Referrer Policy:no-referrer-when-downgrade
和响应报头是
HTTP/1.1 200 OK
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Vary: Origin
Server: Kestrel
Set-Cookie: TestCookie=XXVtPqCdZ%2BBt9IbhP5Bi7sOLZ%2F%2BELB4fZ0rFArkM%2Be4%3D; expires=Fri, 03 Nov 2017 09:47:28 GMT; domain=localhost; path=/
Set-Cookie: TestCookie4200=XXVtPqCdZ%2BBt9IbhP5Bi7sOLZ%2F%2BELB4fZ0rFArkM%2Be4%3D; expires=Fri, 03 Nov 2017 09:47:28 GMT; domain=localhost:4200; path=/
Set-Cookie: TestCookie5000=XXVtPqCdZ%2BBt9IbhP5Bi7sOLZ%2F%2BELB4fZ0rFArkM%2Be4%3D; expires=Fri, 03 Nov 2017 09:47:28 GMT; domain=localhost:5000; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://localhost:4200
X-SourceFiles: =?UTF-8?B?QzpcZGV2XFhlcnhlc1xYZXJ4ZXMtU2VydmVyXFNlcnZlclxhcGlcc2Vzc2lvblxyZXN1bWU=?=
X-Powered-By: ASP.NET
Date: Wed, 26 Jul 2017 09:47:28 GMT
正如你所看到的,正在从http://localhost:5000/api/session/resume
调用返回的饼干,但他们没有存储在Chrome,Edge或Firefox中的本地Cookie中。因此,当进一步请求图像和其他资源时,我只看到另一个cookie(cookieLawSeen),而不是这个熟。
当我在所有这些浏览器中浏览localhost的cookie时,在存储中看不到任何SessionToken。但是,如果我查看F12开发人员工具中的请求,则可以单击[Cookies]选项卡并查看ResponseCookies包含所有三个Cookie。
我有相同的象征。清理缓存并删除浏览器数据是我的解决方案。 –
这不是我的解决方案,我只是第一次在该网站上使用firefox。无论如何,我尝试过,但没有运气 –
你设置[withCredentials'属性为true](https://stackoverflow.com/questions/35602866/how-to-send-cookie-in-request-header-for-all-the -requests-in-angular2)当你从角度做api调用时?就像'this.http.get('http:// ...',{withCredentials:true})' – Set