Follow

Why do my XHR/FETCH requests not contain Distil cookies?

The purpose of this article is to go over the browser requirements for sending cookies in XMLHttpRequests (XHR) or Fetch requests. These types of requests may also be known more broadly as AJAX requests. It is important to review that browsers require certain attributes to be set with XHR or fetch objects to send cookies.

If the browser loads the main document from one domain, and then submits AJAX calls to another domain, then you will need to refer to browser guidelines around CORS. For example, if you the main browser document is loaded from www.foo.com and AJAX calls are sent to api.foo.com, then you will need to refer to the CORS documentation. If the browser loads the main document from www.foo.com and the AJAX calls are made to the same domain, but a different path like www.foo.com/api/v1, then it is most likely not necessary to follow the CORS guidelines. Below is a link to the CORS documentation. 

https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

Below are links and examples from the links on the most basic ways to send cookies in a given HTTP request.

https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials

var xhr = new XMLHttpRequest();
xhr.open('GET', 'http://example.com/', true);
xhr.withCredentials = true;
xhr.send(null);

https://developer.mozilla.org/en-US/docs/Web/API/Fetch_API/Using_Fetch

fetch('https://example.com', {
  credentials: 'include'
});

 

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Submit a request

Comments