cookie not stored on browser even if response contains 'Set-Cookie' header for ajax request.
Request code:
function hitLogin(){
var loginUrl = "http://myapp:8080/login";
var geturl;
$.ajax({
type: "GET",
url : loginUrl,
data: {
user : "user1",
password : "encryptedPassword"
},
headers: {
"credentials": 'include',
"withCredentials" : true,
"crossDomain": true,
"X-Requested-With" : "XMLHttpRequest",
"Content-type" : "application/x-www-form-urlencoded",
"Accept":"text/plain",
},
success : function(data)
{
alert("Ajax request data: "+data);
},
error: function( xhr, status, error )
{
alert("Ajax request error: "+status );
}
});
}
Response headers received :
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:X-Requested-With,accept,content-type,Cookie
Access-Control-Allow-Methods:POST,GET,PUT,OPTIONS,DELETE
Access-Control-Allow-Origin:http://myapp2.com:7011
Access-Control-Max-Age:3600
Content-Encoding:gzip
Content-Type:text/plain;charset=ISO-8859-1
Date:Wed, 06 Jun 2018 15:10:09 GMT
Server:Apache-Coyote/1.1
Set-Cookie:MYCOOKIE=62lml5_S7qS31KaFDg-SH-e8Ds5FPjljCIHzfmhxMAr8Fdrqr6fHLjI7s2XPAO2P3tNFLNLS1_fgvDXF4pLmfg#1s1S1#normal-false; Path=/; HttpOnly
Transfer-Encoding:chunked
Vary:Accept-Encoding
withCredentials:true
I can see the cookie stored in browser when same url hit from browser, but in case of ajax request, its not stored. Hence unable to send subsequent requests, which excepts this cookie.