Reputation: 3552
I'm doing an axios request to my backend, and set a cookie:

    axios.get(`http://mybackend/somepage`)
      .then((response) => {
        res.cookie('token', response.data.token)
        res.send(`click here <a href="http://mybackend/profile">profile</a>`)
      })

On my backend, I use express with "cookie-parser".
Clicking the link to the backend, I get this with console.log(req.cookies): "[Object: null prototype] {}".
Looking at the request headers, the cookie is not even sent.
I don't have this problem when I test on localhost.
Is it because it's not possible to exchange cookies between two domains (in this case 2 Heroku apps)?
Upvotes: 2
Views: 1190
Reputation: 350
No, you cannot send cookies between two Heroku apps...
*.herokuapp.com has been added to the Public Suffix List, which means you cannot exchange cookies between those sites.
herokuapp.com is included in the Mozilla Foundation’s Public Suffix List. This list is used in recent versions of several browsers, such as Firefox, Chrome and Opera, to limit how broadly a cookie may be scoped. In other words, in browsers that support the functionality, applications in the herokuapp.com domain are prevented from setting cookies for *.herokuapp.com. Note that *.herokuapp.com cookies can currently be set in Internet Explorer, but this behavior should not be relied upon and may change in the future.
Article
Other StackOverflow question
FIXES:
firstSite.herokuapp.com/secondSite
Upvotes: 5
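
The Public Suffix List rule described in the answer above, as an added example that is not part of the original posts: a simplified model of a browser's cookie Domain check (RFC 6265 matching, host names only). The suffix set is a constructed subset of the real list, and the host names are made up for illustration.

```javascript
// Constructed subset of the Public Suffix List (the real list is much larger).
const PUBLIC_SUFFIXES = new Set(["com", "herokuapp.com"]);

// RFC 6265 domain-match for host names (IP addresses are not handled here).
function domainMatches(host, domain) {
  return host === domain || host.endsWith("." + domain);
}

// Decide how a browser stores a cookie set by `setterHost` with an optional
// Domain attribute. Returns null when the cookie is rejected outright.
function cookieScope(setterHost, domainAttr) {
  const host = setterHost.toLowerCase();
  let domain = (domainAttr || "").toLowerCase().replace(/^\./, "");
  if (domain && PUBLIC_SUFFIXES.has(domain)) {
    if (domain !== host) return null; // Domain=herokuapp.com is refused
    domain = "";                      // host is itself a suffix: host-only
  }
  if (!domain) return { domain: host, hostOnly: true };
  if (!domainMatches(host, domain)) return null; // cannot set for another host
  return { domain, hostOnly: false };
}

// Would a cookie set by `setterHost` be attached to a request for `targetHost`?
function cookieSentTo(setterHost, domainAttr, targetHost) {
  const scope = cookieScope(setterHost, domainAttr);
  if (scope === null) return false;
  const target = targetHost.toLowerCase();
  return scope.hostOnly
    ? target === scope.domain
    : domainMatches(target, scope.domain);
}

// Constructed host names standing in for the two Heroku apps.
const FRONT = "front-app.herokuapp.com";
const BACK = "back-app.herokuapp.com";

// No Domain attribute (as in the question): host-only, never reaches BACK.
console.log(cookieSentTo(FRONT, undefined, BACK));
// Widening to the shared parent is refused because it is a public suffix.
console.log(cookieSentTo(FRONT, "herokuapp.com", BACK));
// Same host, different path: the cookie is sent.
console.log(cookieSentTo(FRONT, undefined, FRONT));
// A parent that is not a public suffix can be shared by its subdomains.
console.log(cookieSentTo("www.example.com", "example.com", "api.example.com"));
```

The four calls print false, false, true, true: the only ways for both apps to see the cookie are to serve them from one host or from subdomains of a parent that is not on the list.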