0

我已经设置withCredentials = true了,我从服务器获得了以下标头

Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,Origin,Referer
Access-Control-Allow-Methods:GET, POST, OPTIONS
Access-Control-Allow-Origin:.mydomain.com
Connection:keep-alive
Content-Type:application/json
Date:Tue, 06 Aug 2013 12:37:47 GMT
Server:nginx/1.1.19
Set-Cookie:sessionid=zjn8naedymjj6mm0aqjgxljbs3u1njzf; expires=Tue, 20-Aug-2013 12:37:47 GMT; httponly; Max-Age=1209600; Path=/
Transfer-Encoding:chunked
Vary:Cookie

但 cookie 不会在下一次请求时设置或传输。

4

1 回答 1

0

事实证明,我不能只使用.domain.com(wildcard) with Access-Control-Allow-Origin,我必须使用 ` http://exact.subdomain.example.com '

于 2013-08-06T13:05:07.173 回答