AngularJS ignoring Set-Cookie header in certain cases

Question

basically my problems is use set-cookie header with angular (looks like he is ignored even with the withCredentials set to true) but here is the problem if i make the same request the cookies go, but if i change the path does't work.

Example;

POST http://localhost/app/api/oauth/ HTTP/1.1
[other headers and payload]

then i get the answer:

HTTP/1.1 200 OK
Set-Cookie: ; expires=Wed, 31-Mar-2015 01:34:53 GMT

and send a request to access a resource:

GET http://localhost/app/api/oauth/test HTTP/1.1
Cookie:blah=something;

until now evething is ok, but when i try to access other resources on my server:

GET http://localhost/app/api/othercontroller/test HTTP/1.1

the cookie is not send anymore, only if i access some path after the path that create the cookie.

that is what network monitor show me. But i can't see that blah coockie on the resource tab (on cookie area).

Note: i already try use secure cookie or not and use http only cookie or not and all combinations between both of then. And i try don't use CORS or enable CORS, but anyone work too.

Anyone know what can be ? Thanks for you time and patience.

Answer 1

I'm pasting my suggestion from my comment.

Your initial cookie is set in a response of a HTTP endpoint path that is deeper than your second request.

Set-Cookie: ; Domain=foo.com; Path=/; expires=Wed, 31-Mar-2015 01:34:53 GMT

You may specify where to put your cookie by specifying a Path parameter in your response header like given above.