问题
I have angular 5 app and .net core 2.0 web api app hosted on azure as app services. Apps have two urls as below.
angularclient.azurewebsites.net
serviceapi.azurewebsites.net
The issue I am facing is angular app not receiving .AspNetCore.Antiforgery cookie that is sent by serviceapi. Http post request generated by angular app has "withCredentials: true" header. I have defined cors policy in service API as below.
app.UseCors(builder => builder.WithOrigins("angularclient.azurewebsites.net").AllowAnyMethod().AllowAnyHeader());
I have sent a request using POSTMAN and test if cookies are sent by the server. For the POSTMAN request cookies are receiving without any issue. When I host the apps in my test IIS server and check. On that environment application working fine. Help me to find a solution to this issue.
回答1:
This takes a week to find a reason why this issue happened in azure app services. Reason was Microsoft has banned cookies on azurewebsites.net top domain by including it in public suffix list. You can find more details from here
来源:https://stackoverflow.com/questions/53759342/angular-app-running-on-azure-app-service-not-receive-aspnetcore-antiforgery-coo