angular – Set-Cookie在浏览器中不起作用,但与Postman一起使用

我在后端和前端实现了CORS配置,所有其他API请求都可以工作.但是,Set-Cookie标志不会在我的浏览器中创建cookie.

我甚至有disabled CORS in chrome.

当我使用Postman发出POST请求时,我正确地在Cookie选项卡中看到Cookie.我没有在网络浏览器中看到cookie.

选项请求

Host: localhost:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:54.0) Gecko/20100101 Firefox/54.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip,deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,credentials

选项回应

X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Access-Control-Allow-Origin: http://localhost:4200
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-max-age: 3600
access-control-allow-headers: Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,credentials
Allow: GET,HEAD,POST,PUT,DELETE,TRACE,PATCH
Content-Length: 0
Date: Fri,30 Jun 2017 14:55:58 GMT

POST请求

Host: localhost:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:54.0) Gecko/20100101 Firefox/54.0
Accept: application/json,text/plain,*/*
Accept-Language: en-US,deflate
Referer: http://localhost:4200/login
Content-Type: application/json
credentials: true
Content-Length: 48
Origin: http://localhost:4200
Connection: keep-alive

POST响应

X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache,credentials
Set-Cookie: ddd=eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOjJmYXhhcyIsImV4cCI6MTQ5ODkyMDk1OH0.sKJLH1GvgbJP28ws2EOZpc8EH0SElB4VQX86m59G8BjT-QAaRW6sInnrF6Y_yNJcIEcrrw_itb-O26KkKza8aA
Content-Length: 0
Date: Fri,30 Jun 2017 14:55:58 GMT