Open dshiells opened 8 years ago
Hi @dshiells I know it's been awhile but I am trying to set up the exact same thing. Can you tell me where in server.js
you added those lines?
+1
@janziemba This is a pretty old thread, I doubt you'll see any resolution or help. The best way forward is to probably write your own client middleware - I believe that's how I got around this.
Hi all,
I'm trying to pass through a Set-cookie header from my API to the browser, and want to run my potential solution by you to get feedback/ask if it's safe. Being authentication I wanted second opinions first before going live with it.
Basically in ApiClient.js I save the set-cookies returned from the API to a global variable (global.setCookies):
Then in src/server.js I set them before returning the result (and clear them before the next request):
I guess my biggest concern is if they are stored globally, could then end up in someone elses request?
Hope that all makes sense :)