JavaScript - request-cookies missing from `document.head.appendChild` src & href

Question

As the title suggests, this is strange but true.

server-side

The server (PHP) sets a session-based cookie on every request; as suggested, this cookie expires when the browser is closed.

client-side

A function is used to dynamically add required JavaScript and CSS files into the DOM head via <script src="/some.js"></script> and <link rel="stylesheet" href="/some.css"> respectively.

I can see the requests happen in the Network tab of the developer tools, but when I click on one of them I see that each of those requests have NO request-cookies!

Now my web app fails because the server is looking or a session-token from the (missing) cookie.

question

Why are my cookies missing? I'm not deleting them!

Any advice welcome, thanks.

have you checked the domain and path parts of your cookies? also, have a look at the cookie-size (value in bytes); if the size is lower than 1 or higher than 4000(ish) then your cookies will automatically be discarded by the browser — argon
omw! I've checked this and you're right, my cookie ended up being over 6k! thank you! — mika

argon argon · Accepted Answer · 2019-10-29T22:50:49

Browser cookie size limitations

At the time of this question, browsers discard cookies when their size exceeds 4000 bytes (more or less). The documentation may specify "4096", or you may set the limits yourself in your browser configuration, but to stay safe, make sure your cookies never exceed 4k bytes.

This may change in the future, but keeping the size limits in mind will prevent vanishing cookie (header) issues in general.

Lastly, if your cookie size is 0 bytes it may also "vanish".