未在跨域上设置 cookie - angularjs 和 nodejs/express

cookie not set on cross domain - angularjs and nodejs/express

跨域请求未设置 cookie。我的服务器在 localhost:8000 中是 运行,在 localhost:9000 中是客户端 运行。服务器 nodejs/express 上的 cors 设置是

app.use(function(req, res, next) {
console.log(req.method);
res.header("Access-Control-Allow-Origin", "*");
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Authorisation");
if (req.method === 'OPTIONS') {
    return res.send(200);
} else {
    return next();
}});

客户端使用angualarjs,cors配置为

SelappsAdmin.config(['$httpProvider', function($httpProvider) {
  $httpProvider.defaults.useXDomain = true;
  delete $httpProvider.defaults.headers.common['X-Requested-With'];
}])

快递上

var express = require('express');
var session = require('express-session');
var cookieParser = require('cookie-parser');

var app = express();

app.use(cookieParser());
app.use(session({
    secret: 'yoursecret',
    cookie: {
        path: '/',
        domain: 'yourdomain.com',
        maxAge: 1000 * 60 * 24 // 24 hours
    }
}));
app.use(function(req, res, next) {
    res.header('Access-Control-Allow-Credentials', true);
    res.header('Access-Control-Allow-Origin', req.headers.origin);
    res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
    res.header('Access-Control-Allow-Headers', 'X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept');
    next();
});

于 angular

$httpProvider.defaults.withCredentials = true;

delete $httpProvider.defaults.headers.common["X-Requested-With"];

我从这个Link

中找到

快递上

app.use(require('cors')({
  origin: function (origin, callback) {
    callback(null, origin);
  },
  credentials: true
}));

于 angular

$httpProvider.defaults.headers.common['X-Requested-With'] ='XMLHttpRequest';
$httpProvider.defaults.withCredentials = true;