cfredric
commented
5 months ago The cookie will be in the Cookie request header, if the page uses the API as intended.
The code for the demo is linked from the demo; see the "Code for this page" link.
All your page needs to do is call document.requestStorageAccessFor(myOrigin), make sure that promise resolves, then issue web requests that are CORS-enabled and have credentials: 'include'. (This assumes that you've set up your RWS appropriately; requestStorageAccessFor is not supported outside of an RWS.)
(I don't know where the getcookies.json endpoint is implemented for that demo, but we don't actually need to know; you can just follow the example of the nextSteps and checkCookie functions in the demo's code on public/request-storage-access-for.html.)
clementsimon
I tested locally with two domains, primary -> https://medscape.com and associated -> https://medscape.org and I have implemented one api to print the cookies that are shared across similar to https://related-website-sets.glitch.me/getcookies.json.
My question is , after the requestforStorageFor() is triggered , my internal api is being triggered to check if the crossiste cookie is added in the request header but I don't see any.
I don't see the same in /getcookies.json api in the mentioned demo as well, but it does retrieve the crosssite cookie, can you please help how to get the cookie if its not in the request header.
if possible can you brief me on how the /getcookies.json api works.
Thank You