Setting cookies in request header

I have been trying to get cookies to work in my Photoshop UXP plugin.
First, I send a login request to my server and the login response sends back a “set-cookie” header.
But the cookie is not sent in the subsequent requests’ header sent to the server.
I tried using plain xmlhttprequest and also fetch() with credentials: ‘include’ set (in both login request and subsequent requests).
They both don’t work.
Any help would be appreciated.

PS: Setting it manually via document.cookie doesn’t work too.

Do you send your request with withCredentials?

@Karmalakas Yes, I tried that too. That doesn’t work either.

Note: Cookies are not accessible via JS in UXP – which is why setting document.cookie is of no use.

Cookies should be sent when using withCredentials (or the fetch equivalent).

What authentication mechanism is your server using? Is the request being made over HTTPS? Is the server expecting to see a domain for the origin? (UXP plugins run locally, and don’t have an origin… which can trip up servers that expect otherwise.)

How are you validating where/when the cookie is being sent? Are you using a proxy like Charles?

Some code might be useful here.

Hi @kerrishotts
My server is an express server, and it uses express-session to handle sessions. This includes sending “set-cookie” header in the response after login.
The plugin receives the response with the set-cookie header. I confirmed this by both printing out the headers and using debug in UXP developer tool. The Network tab, shows the response header “set-cookie” and the cookie tab of the request also contains this cookie. So, there is no problem in receiving the cookie.

However on the subsequent requests to the same domain, the cookies are not being sent. This was confirmed both by printing out the request and also through debug in developer tool.
Please find below the request code.

let response = await fetch(`${publicUrl}/photoshop/token?requestId=${rid}`, {
                credentials: 'same-origin'
        console.log("error fetching token");

The credentials property is set for all requests including the login.
I also tried with “withCredentials” in xmlhttprequest. Both don’t work.
Thanks for your help :slight_smile:

Hi @kerrishotts
A small update, the cookies are being set now. The issue was the expiry not being set for the cookie. Once I fixed that, the cookies work now. Thanks a lot :slight_smile:

I also encountered the same problem, but in the case of maxAge with cookies set, the sending request still does not carry cookies.My server is an express server, and UXP developer tool shows the tab of

so amazing, the cookies does not appear in the UXP developer Tool, but it does appear in the header of the request :upside_down_face:.You can console.logthe cookies!