35,057 questions
0 votes, 1 answer, 101 views
Secure HttpOnly cookie not set in production environment
I developed a JWT based authentication that sends tokens in httpOnly, secure cookies. Here is the response of my login request:
access-control-allow-credentials
true
access-control-allow-headers
...
0 votes, 0 answers, 35 views
How to fetch a page with a different set of cookies than the current ones? [duplicate]
Using the JavaScript fetch API sends the current cookies and optionally allows sending no cookies, but I don't see how to send my own cookies without the currently set cookies.
Is it possible to send an ...
0 votes, 0 answers, 77 views
Extracting skills and professional experience from career networking platform profiles
I am automating login to a session-based website using Playwright, then reusing the extracted cookies in Python's requests library to call a protected API endpoint. The login works fine, but my ...
0 votes, 0 answers, 64 views
Fetching another container from nextjs middleware in docker
I have a docker structure which contains backend (bound on localhost:3001) and frontend (bound on localhost:3002). In my frontend which uses NextJS framework, I have a middleware that checks if the ...
Tooling
0 votes, 4 replies, 154 views
Best way to store accessToken and refreshToken in cookies
I’m currently using cookies for authentication in a .NET 9 backend with an Angular 20 frontend. Right now, I store both the accessToken and refreshToken directly in cookies.
I’m trying to improve the ...
0 votes, 0 answers, 43 views
Cookie is not created in Blazor Server App
I'm working on a Blazor Server App which has to authenticate via LDAP (it works), and set a cookie so that the user must authenticate only e.g. once a week.
I have created a minimalAPI in the program....
1 vote, 1 answer, 35 views
How to clear an expired session cookie from the auth gateway in Encore.ts
I have an Encore.ts application with cookie-based session authentication. When the auth handler determines that a session token has expired, I want to remove the session cookie from the client's ...
2 votes, 2 answers, 96 views
requests.Session(): captcha POST returns 403 and next request still resolves to captcha
I’m debugging a specific HTTP/session issue with requests.Session().
The captcha answer is entered manually by a human, and my code submits that value. I am not trying to automate captcha solving.
...
2 votes, 0 answers, 70 views
HttpOnly cookie set by ASP.NET Core 10 Web API not reaching browser when called via HttpClient from Blazor server
I have a Blazor server app that calls a separate ASP.NET Core Web API via HttpClient. When the user logs in, the API sets an HttpOnly cookie in the response. However, the cookie never appears in the ...
1 vote, 1 answer, 126 views
Next.js Middleware updates cookie but React Server Component still reads old value until full reload
I'm using Next.js App Router and setting a cookie inside middleware.ts:
import { NextResponse } from "next/server";
export function middleware(req: Request) {
const res = NextResponse....
2 votes, 1 answer, 71 views
NextJS refresh token cookie not syncing with browser
I've been having this hiccup for quite a while. I'm using NextJS 16 to build a fullstack application with separate NestJS backend. The problem is when I perform a refresh logic, the httpOnly cookies ...
0 votes, 0 answers, 52 views
Use Nextjs and external backend Setup
So I was trying to use Next.js and Express. I used Next.js only for frontend and SSR (SSR for some pages only). How can I add protected routes in Next.js in this two server setup?
Normally, we would ...
0 votes, 0 answers, 116 views
Open a new browser tab with cookies cleared in javascript
In my website, I am opening a window to a different host in a new tab using:
window.open(newUrl, "_blank");
The new window is inheriting all of the cookies and there are a lot of them. The ...
0 votes, 0 answers, 31 views
Access denied signed cookies CloudFront SPA App
I am trying to access a Vue SPA served with S3+CloudFront, restricted by signed cookies. This is for a platform that displays a user's active "apps". Each app is its own CloudFront domain.
...
Best practices
0 votes, 0 replies, 36 views
Safe ways to deliver access tokens to both browser and mobile clients?
After completing a PKCE OAuth2 flow, I want to send the following response:
{
"access_token": "abc...",
"refresh_token": "def...",
"id_token": &...