krisdames
Jan 05, 2024Cirrus
Solved
Change cookie domain in HTTP::respond
My need is to redirect requests for https://foo.xxx.com/mfe to a new URL (different domain) and pass along a specific cookie (cookie name is avul_user). The redirect works and the cookie is sent, but...
- Jan 06, 2024
When redirecting (and on cross-domain requests such as fetch()/XMLHttpRequest()) to third-party domains, the browser does not send cookies. Cookies are scoped to a specific domain (and possibly subdomains thereof), because it's a part of internet security, based on Cross-Origin Resourse Sharing (CORS).
Possible solutions for you case, their advantages/disadvantages and how to do it safely, are given on stackoverflow.