我使用 Redux-Toolkit (RTK) 查询和
"credentials": "include"
选项来通过我的获取请求发送 cookie。
这是我的设置:
const baseQuery = fetchBaseQuery({
baseUrl: `${import.meta.env.VITE_SERVER}`,
prepareHeaders(headers) {
return headers;
},
credentials: "include",
});
export const baseApi = createApi({
baseQuery: baseQuery,
})
当我发出登录请求时,我从服务器收到了
"Set-Cookie"
标头
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: http://localhost:5173
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Set-Cookie
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
Set-Cookie: token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6IjY0Yzg4OTU1YWUxODgwZjJmYzM1NmNjMSIsImlhdCI6MTY5MDg2NTIyMiwiZXhwIjoxNjkwODY2MTIyfQ.X_jNxlInBjaIkqevoaryDYDxSC15Qc9YBNjgdM9XpOs; Path=/; HttpOnly; Secure; SameSite=None
Content-Type: application/json; charset=utf-8
Content-Length: 308
Connection: keep-alive
Keep-Alive: timeout=5
任何后续请求均不包含标头 Cookie 来自客户端的标头例如:
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: vi-VN,vi;q=0.9,fr-FR;q=0.8,fr;q=0.7,en-US;q=0.6,en;q=0.5
Connection: keep-alive
DNT: 1
Host: localhost:3000
Origin: http://localhost:5173
Referer: http://localhost:5173/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site