CODEWITHSUNDEEP
jqueryasp.net-mvcasp.net-mvc-4azure
hjavaher
hjavaher

Reputation: 2609

ASP.NET MVC 4 Cookie is not saved on Azure but locally its saves

I have an ASP.NET MVC 4 Project that I call using javascript. I'm about ready to pull my hair out as I just can't figure out why this is not working on the Azure server but locally its working like a charm. I have the following action:

public HttpStatusCodeResult Index()
    {
        //Save the Cookie
        CookieUtil.CreateCookie("CookieName",  "completeCookieContent", CookieExpiration); //cookie expiration is dynamically calculated in another function to be 30 days later

        Response.AddHeader("x-frame-options", "DENY");
        Response.StatusCode = (int)HttpStatusCode.NoContent;
        Response.Cache.SetLastModified(DateTime.Now);
        Response.Cache.SetCacheability(System.Web.HttpCacheability.NoCache);
        Response.Expires = -1500;
        Response.Cache.SetNoStore();
        Response.ExpiresAbsolute = DateTime.Now.AddYears(-1);

        return new HttpStatusCodeResult(HttpStatusCode.NoContent, "No Content");
    }

My CreateCookie Helper is as follows:

public static void CreateCookie(string cookieName, string value, int? expirationDays)
    {
        HttpCookie Cookie = new HttpCookie(cookieName, value);
        if (expirationDays.HasValue)
            Cookie.Expires = DateTime.Now.AddDays(expirationDays.Value);
        HttpContext.Current.Response.Cookies.Add(Cookie);
    }

I'm calling this page remotely via Jquery Load function from another website (crossDomain) (maybe this is the problem)

Locally, if I've tested this using a simple html page that uses the same load function and everything works and the cookie gets created under localhost. As soon as I upload this code on azure (websites), I get the call and it returns the 204 no content. But the Cookie does not get dropped under my domain. What

could be the problem? Am I missing a fundamental that doesn't allow this action? how can I overcome this?

Upvotes: 0

Views: 541

Answers (1)

Fals
Fals

Reputation: 6839

To allow another domain to consume something from your application, you must specify in your Global.asax:

protected void Application_BeginRequest(object sender, EventArgs e)
{
    HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*");    
    /*HttpContext.Current.Response.AddHeader(
      "Access-Control-Allow-Origin", 
      "http://AllowedDomain.com"); */
}

'*' means that is public access, if you use your domain, this will make It more secury.

Reference: Cross-Origin requests and ASP.NET MVC

Upvotes: 1

Related Questions