Trying to use CORS and XSRF on different domains

I have a frontend and a backend app. They are in different domains (subdomain). The frontend app does a first request (GET) to get some server-side information, basically session_id and XSRF-TOKEN cookies.

The situation is:

myapp.com cookies: _session_id api.myapp.com cookies: XSRF-TOKEN

So, my frontend app gets the _session_id cookie but it doesn't get the XSRF-TOKEN. When I try to get the XSRF-TOKEN to put it on the header like X-XSRF-TOKEN it isn't possible because they're different domains.

Any good soul to help me? Thanks in advance.

You'll want to consider the following: Share session (cookies) between subdomains in Rails?

#config/initializers/session_store.rb
YourApp::Application.config.session_store :cookie_store, key: '_yourapp_session', domain: :all, tld_length: 2

The ASP.Net Web application tries to use impersonation and delegation to connect to a file server

I'm trying to use Impersonation and Delegation in an intranet ASP.Net web-app in order to pass authenticated users' credentials onto a File Server so it can write a file to a directory. The web server and file server are two separate machines, but in

C ++ trying to use #ifndef and #include statements

Ok, so I'm a HTML/Javascript/PHP professional, but I'm trying to learn C++. I'm still a newbie at it, and I have a C++ programming project that I have errors with. The file that contains int main() is 'football.cpp', and I have .h and .cpp files for

Obtain NoClassDefFoundError when trying to use Proguard and SQLcipher in Android

I am getting a ava.lang.NoClassDefFoundError: net/sqlcipher/CursorWindow when trying to run my app using sqlicipher and proguard. The project works perfectly without proguard enabled. The first time I use sqlcipher to create a new db I get the error

& ldquo; Expected identifier or '(' before int & rd; error when trying to use set and functions together

I was trying to use define with functions in C but there is an error for multiply function's first line. It works when I run it without the define. #include <stdio.h> #define multiply(n1, n2) (n1 * n2) // multiply function returns multiplication of

The legality and morality of different domains of 'new' and 'suppress'

I am creating a dynamic array inside a function. The code (posted below) runs without any problem. I am wondering if the way I have written is the right way to do it or if it will create problems in more complicated codes in the future. I am aware th

Why do I get [Laravel - Undefined variable: users (View ..] if I tried to use POST and GET on the same view?

I am trying to make a simple search form using laravel. the search page is supposed to be the same for results. but I can't make it work, and i'm not sure why It works on a different Route but can't get it to work on the same route. Routes: Route::ge

Detect the type of OS using Javascript and do something different by OS

So I've looked around to try to find something suited to my situation, and whilst i've found lots of snippets that allow me to detect screen sizes, or a particular OS, solutions i've found are incomplete, or I cant figure out how to modify them so th

Use images and js from different ExpressJs locations: Node

I am using the below code to serve statics files(js, images, css): app.use(express.static(path.join(__dirname, 'public'))); But now the images have been moved to some different location in the project i.e. outside the public directory (lets say. imag

rails trying to use datepicker and set the first day to Monday

Beginner question (be gentle) I am trying to set my datepicker to start the week on Monday. I can't seem to effect this default. I was able to change to dd/mm/yyyy by adding... $.fn.datepicker.defaults.format = "dd/mm/yyyy"; in vendor/assets/jav

Using Heroku and Resque in different applications

My goal is to have a main app adding jobs to a Resque queue on Heroku. However, I want the workers to be run in different apps. Can I enqueue a job in an app to be performed by other app(worker)? Is there any tutorial explaining how to do it? ThanksR

Lost trying to use DISTINCT and GROUP BY

I'm having trouble with something that I thought would've been simple... I have a simple model Statistic that stores a date (created_at), a user_fingerprint and a structure_id. From that, I'd like to create a graph to show #visitors per day. So I did

How to use Core Data without Storyboards?

I am trying to use Core Data without storyboarding in my app. I want to manage many relationships and I have a kind of singleton class to manage the access to the managedObjectContext, model, and persistentStoreCordinator I got it from this link Sing

Rails - Using form_for and fields_for, how do I access the sub-object in the fields_for block?

In my first rails app I'm trying to use form_for and fields_for to create a nested object form. So far so good, but I can't figure out how to access the sub-object while in the fields_for block. I've pre-populated a field in the sub-object with data

link error when building tbb using mingw and at the same time runtime error opencv

I want to use MINGW +tbb + opencv When I tried. The problem is I get error while running opencv test or some program. for example test_job_automaton.exe - Entry Point Not Found The procedure entry point __gxx_personality_v0 could not be located in th

Related Articles