Saturday, 6 May 2023

Why won't my Angular app include cookies in a POST request?

 Recently while working on an Angular web app operating with CORS on localhost against a SpringBoot server I had an issue where my GET requests were fine, but the POST requests (in this case for logout) did not include a cookie. At first I though I had some kind of problem with my CORS config - but this was fine:


        var corsConfig = new CorsConfiguration();
        corsConfig.setAllowedOriginPatterns(List.of(
                "http://localhost:4200",
                "http://localhost:8080"));
        corsConfig.applyPermitDefaultValues();
        corsConfig.setAllowCredentials(true);


It turns out the signature for the POST request use by Angular is slightly different! The second argument is actually for a body. So in my case:

    return this.http.post<void>(this.logoutUrl, null, {withCredentials: true});


This might help someone who is starting to question their understanding of CORS (again)

No comments:

Post a Comment

Note: only a member of this blog may post a comment.

HTML form won't submit (Angular)

 It turns out if you mix normal HTML forms with Angular ones (i.e. using FormsModule) Angular will disable the default behaviour of forms on...