How to modify Cookie from Ajax call

by

The Cookie header is one of several which cannot be modified in an XMLHttpRequest. From the specification:

Terminate [execution of the setRequestHeader method] if header is a
case-insensitive match for one of the
following headers:

  • Accept-Charset
  • Accept-Encoding
  • Connection
  • Content-Length
  • Cookie
  • Cookie2
  • Content-Transfer-Encoding
  • Date
  • Expect
  • Host
  • Keep-Alive
  • Referer
  • TE
  • Trailer
  • Transfer-Encoding
  • Upgrade
  • User-Agent
  • Via

… or if the start of header is a
case-insensitive match for Proxy- or
Sec- (including when header is just
Proxy- or Sec-).

The above headers are controlled by
the user agent to let it control those
aspects of transport. This guarantees
data integrity to some extent. Header
names starting with Sec- are not
allowed to be set to allow new headers
to be minted that are guaranteed not
to come from XMLHttpRequest.

More Related Contents:

  1. Why cookies and set-cookie headers can’t be set while making xmlhttprequest using setRequestHeader?
  2. How to delete a cookie?
  3. Suppress Chrome ‘Failed to load resource’ messages in console
  4. Why am I seeing an “origin is not allowed by Access-Control-Allow-Origin” error here? [duplicate]
  5. AngularJS Error: Cross origin requests are only supported for protocol schemes: http, data, chrome-extension, https
  6. POST data in JSON format
  7. Javascript getCookie functions
  8. Getting BLOB data from XHR request
  9. Setting cross-domain cookies in Safari
  10. SameSite warning Chrome 77
  11. Understanding XMLHttpRequest over CORS (responseText)
  12. Check if third-party cookies are enabled
  13. How can I set a cookie with expire time?
  14. CORS request not working in Safari
  15. Show a progress bar for downloading files using XHR2/AJAX
  16. Fetch API vs XMLHttpRequest
  17. How to expire a cookie in 30 minutes using jQuery?
  18. “Origin null is not allowed by Access-Control-Allow-Origin” in Chrome. Why? [duplicate]
  19. Cross-site XMLHttpRequest
  20. Javascript document.cookie always returns empty string
  21. XMLHttpRequest cannot load, No ‘Access-Control-Allow-Origin’ header is present on the requested resource [duplicate]
  22. How to Detect Cross Origin (CORS) Error vs. Other Types of Errors for XMLHttpRequest() in Javascript
  23. Safari not sending cookie even after setting SameSite=None; Secure
  24. Browser waits for ajax call to complete even after abort has been called (jQuery)
  25. responseXML always null
  26. I need to get all the cookies from the browser
  27. Breaking JavaScript execution when cookie is set
  28. Set cookie on multiple domains with PHP or JavaScript
  29. Opinion about synchronous requests in web workers
  30. XmlHttpRequest.responseText while loading (readyState==3) in Chrome

Leave a Comment