Open mdrbohlav opened 1 month ago
Hi!
When you say "the fetch has withCredentials: true", what do you mean? Because "withCredentials" is not a valid option for fetch. The correct option is credentials and Turbo sets it to "same-origin".
Have you checked the console for any errors?
Let me see if I got this straight. If you access admin.example.com
in incognito mode, the first load will not send the cookie using src defined in tubo frame. But, in subsequent loads it works?
You are right of course. Do not know where I saw XMLHttpRequest, edited the first post so it does not confuse anyone else. Anyway, that does not change my issue since I have the domain in the cookies set to .example.com
.
Hi guys, I have an issue with loading turbo frame from subdomain after hard reload (
cmd/ctrl+shift+r
or disabled cache in the Dev console > Network tab). So far I know it happens in Chrome and Safari, everything works in Firefox.The overview of the setup: 1) Main app runs on root domain, let's say
example.com
. The app there has a turbo frame that returns either user menu if signed in or guest menu if not. The url for that ishttps://example.com/-/user_menu
. Everything on this domain works as expected. 2) I have an admin part of the app that runs on a subdomainadmin.example.com
. It has the same user menu so the turbo frame there has the same urlhttps://example.com/-/user_menu
.The user menu is loaded correctly when I come to the admin app via a link from the main app. It also works when I reload the page (
cmd/ctrl+r
). But when I do hard reload (cmd/ctrl+shift+r
) the turbo frame request does not contain the cookie. Could there be an issue with how some browsers handle the cache reset on hard reload and the asynchronous turbo frame load? All the turbo frames loaded later have the cookie set in the request. Lazy loading does not help since this part of the page is at the top.The user cookie is set up to work with subdomains and the
fetch
hascredentials: 'same-origin'
.domain: .example.com
same-site: none
http_only: true
secure: true
expiration: in 2025
Do you have any idea what might be going wrong and where to look for a possible cause?
Ruby version: 3.3.2 Rails version: 7.0.4 Turbo version: 8.0.10 Chrome version: 129.0.6668.90