locked
Sending a cookie (via WinJS and XHR or other mechanism) RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    I'm trying to call a JSON-based service that expects a cookie for authentication. Is there any way to send a HTTP cookie via a Windows 8 application (HTML/Javascript)? If I try to add it as a header to an XHR request, it is blocked, per Microsoft's adherence to the W3C spec on request headers:

    http://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader-method

    And, it seems that cookies set client-side via a line like this:

    document.cookie = key + "=" + value + ";path=/;expires=" + expires.toGMTString();

    are never sent server-side as part of an XHR request. So it seems that cookies are just N/A as part of Windows 8 Store apps, right? Can anyone confirm? If so, I will have to re-write my JSON-based service to use a different kind of non cookie based authentication, correct?

    Thanks,

    Mike Oliver

    Sunday, December 9, 2012 10:22 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Michael,

    Yes, you cannot manipulate cookies through the Winjs.xhr call. And nor will it work if you directly use the xmlhttprequest since xhr is just a wrapper of the xmlhttprequest object.

    By checking the MSDN reference, the "cookieContainer" property of .NET HttpWebrequest class is still supported for Windows Store app. Therefore, I think one possible approach is creating a custom windows runtime library (via .NET C# or VB.NET) which encapuslat the HTTP webservice communiations and can use HttpWebRequest to access cookies.

    And another possible approach is that you setup a delegate service (host in azure or other public place). Your windows store app directly communicate with the delegate service and let the delegate service to communicate with the target services which require cookie or other advanced features.

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Tuesday, December 11, 2012 3:41 AM
    Moderator

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Michael,

    Yes, you cannot manipulate cookies through the Winjs.xhr call. And nor will it work if you directly use the xmlhttprequest since xhr is just a wrapper of the xmlhttprequest object.

    By checking the MSDN reference, the "cookieContainer" property of .NET HttpWebrequest class is still supported for Windows Store app. Therefore, I think one possible approach is creating a custom windows runtime library (via .NET C# or VB.NET) which encapuslat the HTTP webservice communiations and can use HttpWebRequest to access cookies.

    And another possible approach is that you setup a delegate service (host in azure or other public place). Your windows store app directly communicate with the delegate service and let the delegate service to communicate with the target services which require cookie or other advanced features.

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Tuesday, December 11, 2012 3:41 AM
    Moderator
  • Question
    Sign in to vote
    0
    Sign in to vote

    Steven,

    Thanks for the reply. Creating a C# proxy or delegate service does seem a lot of work just to pass a cookie for a service call. We'll just re-write our authentication mechanism.

    Regards,

    - Mike Oliver

    Tuesday, December 11, 2012 4:45 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Thanks for the reply quick Michael.

    Then it's really helpful that you have control over the servcie authentication mechansim :). Just change the service to obtain authentication token from http header instead of cookie will make WinJS.xhr work.

    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Tuesday, December 11, 2012 5:00 AM
    Moderator