B
Bronco
Guest
Thanks for response, suggesting altering HttpOnly wasn't exactly correct. What I'm trying to achieve is after a successful login to do a second call to get some data from the REST adapter (not an uncommon pattern). After this login I receive the Set-Cookie header mentioned above. If I do the second call (fetching data) I get a 401, not authorized. My assumption is that the cookie should be sent to the server (as one of the headers) but that is not the case (checked via Fiddler) and I have no clue why.
Continue reading...
Continue reading...