Cookies lost when reverse proxy

Advany · October 25, 2020, 9:19pm

Hi there,

I am using a reverse proxy with this toml

[[redirects]]
from = “/"
to = “https://bubbleurl.com/:splat”
status = 200
force = true
headers = {Access-Control-Allow-Origin= "”}

It works great. Only it isnt passing the cookies (i thing because of a domain mismatch). How can I fix this?

Is there a way to change the cookie domain using the proxy?

Advany · October 26, 2020, 6:50pm

Can I hire someone to fix this?

hrishikesh · October 26, 2020, 9:05pm

I’m no expert, but, the answer is probably no. The domain name of setting cookies can only be decided while setting them. You can’t ‘move’ them later. However, if configured correctly, they can be read by other websites. See here for more details: web applications - Cross-Domain Cookies - Stack Overflow

Also, I’m not 100% sure if I’ve understood your question completely, but, maybe, if you have the cookie value before hand, you can set cookies using headers like this: HTTP headers | Set-Cookie - GeeksforGeeks

AaronP · October 26, 2020, 9:27pm

You cannot set cookies for another site as that would open up a ton of security issues. However, if you have access to the bubbleurl site (you run it) then you can add this functionality to handle a query string and set a cookie being passed to it.

Advany · October 26, 2020, 10:14pm

Hi guys,

I tried adding the following:

[[redirects]]
from = “/"
to = “https://test.saasworksuite.com/:splat”
status = 200
force = true
headers = {Access-Control-Allow-Origin= "”, Access-Control-Allow-Credentials= “true”, Access-Control-Allow-Methods= “GET, POST”, Access-Control-Allow-Headers= “Content-Type, *”}

But then the status 200 fails to work. I have no access to the bubble code (as its a no code platform). But I though since the request is passed thru netlify I should be able to modify or remove something inside the header before passing it down to the client.

Is there nothing like that?

hrishikesh · October 27, 2020, 5:57am

Sadly, I don’t know anything more in this regard. However, if I may ask, what exactly do you want to achieve by passing on the cookies? If there are some other workarounds, maybe someone can suggest that.

romain1304 · April 21, 2022, 3:08am

damn… nothing else, , ,

coelmay · April 21, 2022, 3:26am

What else where you hoping for @romain1304?

As explained there is not way to access a cookie set by example.com on example.net.

Is there something specific you are trying to achieve?