const res = await fetch('/login', { method: 'POST', headers: { Accept: 'application/json', Cookie: document.cookie }, credentials: 'same-origin', body: JSON.stringify(data) });

Here is the piece of code that sends the authorization request. Authorization passes, and the server sends the header set-cookie. But the cookie is not installed (document.cookie = ""). Help in what could be the problem

  • credentials: 'include' doesn’t work? fetch something polifillitsya or native? - Duck Learns to Take Cover
  • 2
    If the httponly flag is set in the cookies , then javascript will not get access to them! - Visman
  • Yes, there is an httponly flag. And how then to force the browser to install it? - Vitali
  • If I put 'include', then fetch drops Uncaught (in promise) TypeError: Failed to fetch - Vitali
  • one
    The authorization cookies are set by the server and accordingly checks their presence when the user visits the site. If you give access to such cookies from js, consider that you have been hacked. BUT any request from the browser, including using js, is automatically completed with all the cookies of the current domain (and its parent). - Visman

0