search

matthew-andrews / isomorphic-fetch

Isomorphic WHATWG Fetch API, for Node & Browserify
MIT License
6.95k stars 288 forks source link

Credentials: 'include' not working when using application/json Content-Type #109

Closed saitonakamura closed 7 years ago

saitonakamura commented 8 years ago

When I'm making POST cors request with credentials using Content-Type: 'application/json' it won't send cookies

fetch(`${baseUrl}/Comments/AddComment/${taskId}`, {
      credentials: 'include',
      method: 'POST',
      body: JSON.stringify(values),
      headers: new Headers({
        'Accept': 'application/json',
        'Content-Type': 'application/json'
      }),
    })

However, if I change Content-Type to application/x-www-form-urlencoded (like in this comment) and change JSON.stringify to formurlencoded from form-urlencoded package, cookies are sended properly, so it's kinda workaround

saitonakamura commented 8 years ago

When using PUT request, credentials: 'include' isn't woking either, but in that case even application/x-www-form-urlencoded isn't helping. As a second workaround I temporarily changed all my PUT and DELETE (which I didn't check by the way) to POST. Semantics is ruined, but thanks gods, it isn't a public api.

saitonakamura commented 7 years ago

Sorry, it was poor ASP.NET WebAPI OPTIONS request handling