Javascript ajax get call does not include cookie-sid on initial page load

Question

Javascript ajax get call does not include cookie-sid on initial page load

In my application, when / iframe is requested, I create a cookie and serve the iframe.html file. In the html file, I am using Javascript Ajax request to request user data (/ user), which is called in $ (document) .ready and has to pass the sid from the cookie (so I know the call is authenticated).

The problem is that the cookie-sid is not passed along with the Ajax get call on the first / iframe request (when there is no cookie yet). After a reload, the cookie-sid is passed with the call / user.

Does anyone have any suggestions for fixing the bootstrap?

I know the browser receives and stores the cookie and then sends it to the website every time a new page is requested, but does this also count for initial Ajax calls?

+2

javascript html node.js ajax cookies

Beatlevic May 18 '10 at 9:11

a source to share

1 answer

Baggz · Answer 1 · 2011-01-06T20:37:14+0000

By default, "credentials" such as Cookies and HTTP Authentication are not sent in cross-site requests using XMLHttpRequest. To send them you need to set the withCredentials property of the XMLHttpRequest object.

See http://hacks.mozilla.org/2009/07/cross-site-xmlhttprequest-with-cors/ .

Example

var request = new XMLHttpRequest();
var url = 'http://bar.other/resources/credentialed-content/';
function callOtherDomain(){
  if(request)
  {
   request.open('GET', url, true);
   request.withCredentials = "true";
   request.onreadystatechange = handler;
   request.send();
  }

Javascript ajax get call does not include cookie-sid on initial page load

More articles: