You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am using express-http-proxy to proxy requests from a local web app to a certain other remote app (let's call it app A) that returns authentication information after signing in.
When I access app A directly from my local web app and sign in, the response to the login request contains a handful of headers that the browser uses to set a cookie containing an authentication token. Specifically it sends a bunch of non-standard headers along with a "Access-Control-Expose-Headers" header to allow the browser to have access to these headers.
When I send requests from my local app to app A directly, it sets this authentication token in a cookie and I am able to stay logged in. If I instead send requests from my local app and use my express app as a proxy to app A, the response headers do not contain the "Access-Control-Expose-Headers" header (though it does include all the other custom headers, including the token) and no cookie gets set with the necessary authentication token and my session is "timed out".
Do you know of any reason that the proxy would omit passing this header in the response from app A?
The text was updated successfully, but these errors were encountered:
I am using express-http-proxy to proxy requests from a local web app to a certain other remote app (let's call it app A) that returns authentication information after signing in.
When I access app A directly from my local web app and sign in, the response to the login request contains a handful of headers that the browser uses to set a cookie containing an authentication token. Specifically it sends a bunch of non-standard headers along with a "Access-Control-Expose-Headers" header to allow the browser to have access to these headers.
When I send requests from my local app to app A directly, it sets this authentication token in a cookie and I am able to stay logged in. If I instead send requests from my local app and use my express app as a proxy to app A, the response headers do not contain the "Access-Control-Expose-Headers" header (though it does include all the other custom headers, including the token) and no cookie gets set with the necessary authentication token and my session is "timed out".
Do you know of any reason that the proxy would omit passing this header in the response from app A?
The text was updated successfully, but these errors were encountered: