Set-Cookie header not coming through response header

Forum|Forum|2 years ago
November 22, 2023
3 replies
3014 views

When I have an ajax call to an aem sling servlet.

Sling servlet setting a cookie header "Set-Cookie", which is coming through response headers on Author, Publisher.

But on Cloud Front URL, this "Set-Cookie" not coming through response headers.

Could some one help me, Do I need to mention what headers allowed from Cloud Front to front end client?

Thanks

Sri

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Preetpal_Bindra

Community Advisor

That should work without any settings to AEM.

This could help troubleshoot.

Does the cookie have the path parameter to it? That could be an easy miss.

Also, is the cookie trying to set secure flag on a non-secure http host?

The set-cookie code that you are forming in the servlet, is the t possible to may be set it using a different method, let's say, set it in JS in browser console.

Thanks,

Preetpal

sreenu539Author

yes path set to "/" and no secure flag as this cookie need to be read by analytics.

BrianKasingli

Community Advisor and Adobe Champion

In AEM dispatcher you can configure the farm.any, which should include the set-cookie flag
https://experienceleague.adobe.com/docs/experience-manager-dispatcher/using/configuring/dispatcher-configuration.html?lang=en#specify-a-default-page-iis-only-homepage

clientheaders
  {
  "CSRF-Token"
  "X-Forwarded-Proto"
  "referer"
  "user-agent"
  "authorization"
  "from"
  "content-type"
  "content-length"
  "accept-charset"
  "accept-encoding"
  "accept-language"
  "accept"
  "host"
  "max-forwards"
  "proxy-authorization"
  "proxy-connection"
  "range"
  "cookie"
  "cq-action"
  "cq-handle"
  "handle"
  "action"
  "cqstats"
  "depth"
  "translate"
  "expires"
  "date"
  "dav"
  "ms-author-via"
  "if"
  "lock-token"
  "x-expected-entity-length"
  "destination"
  "PATH"
  }

sreenu539Author

I will try this @briankasingli thanks! but documentation says "defines a list of HTTP headers that Dispatcher passes from the client HTTP request to the renderer (AEM instance)"

The 'Set-Cookie' headers are response headers from aem publish instance to client browser.

sreenu539Author

@briankasingli @preetpal_bindra issue happening at cloud front level , verified direct dispatcher url and is sending all custom headers. It is cloud front , which is not sending headers from dispatcher to browser. any help on this ?

kautuk_sahni

Community Manager

@sreenu539 Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.

Kautuk Sahni

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded