XingMXTeam · April 25, 2018 07:27
diff --git a/corsWithCookie.js b/corsWithCookie.js
 //1
 var xhr = new XMLHttpRequest();
 xhr.open('GET', url);
 xhr.withCredentials = true;
 xhr.send();

 //2
 $.ajax({
   url: a_cross_domain_url,
   xhrFields: {
      withCredentials: true
   }
 });


 //server
 const express = require('express');

 var app = express();
 app.get('/specific-allow-origin-with-credentials', (req, res) => {
    res.set({
        'Access-Control-Allow-Origin': 'http://index.com:4001',
        'Access-Control-Allow-Credentials': true
    });
    res.status(200).end('I got your cookie: ' + req.headers.cookie);
 });
 app.listen(4001, () => console.log('listening to 4001'));
	//1
	var xhr = new XMLHttpRequest();
	xhr.open('GET', url);
	xhr.withCredentials = true;
	xhr.send();

	//2
	$.ajax({
	url: a_cross_domain_url,
	xhrFields: {
	withCredentials: true
	}
	});


	//server
	const express = require('express');

	var app = express();
	app.get('/specific-allow-origin-with-credentials', (req, res) => {
	res.set({
	'Access-Control-Allow-Origin': 'http://index.com:4001',
	'Access-Control-Allow-Credentials': true
	});
	res.status(200).end('I got your cookie: ' + req.headers.cookie);
	});
	app.listen(4001, () => console.log('listening to 4001'));