Why isn’t the cookie sent by one subdomain stored in the browser when the application is hosted by another subdomain?

When accessing my application hosted on the subdomain ui.dailytechpoint.com, and making requests to the API server on api.dailytechpoint.com, the REST API successfully generates the required cookies for CloudFront. These cookies include :
CloudFront-Policy,
CloudFront-Signature, and
CloudFront-Key-Pair-Id,
each with the correct values. However, the browser on ui.dailytechpoint.com refuses to store these cookies when the REST API is triggered. How can I resolve this issue?

In my case, the value of AllowedOrigin was * . To resolve it, I set the CORS permissions from the S3 bucket. However, instead of using the default settings, I changed them to the following, and it works.

<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>https://ui.dailytechpoint.com</AllowedOrigin>
<AllowedOrigin>https://api.dailytechpoint.com</AllowedOrigin>
<AllowedOrigin>https://*.dailytechpoint.com</AllowedOrigin>
<AllowedOrigin>https://dailytechpoint.com</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>HEAD</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
</CORSRule>
</CORSConfiguration>

dailytechpoint

Why isn’t the cookie sent by one subdomain stored in the browser when the application is hosted by another subdomain?

ByKoushik Samanta

Related Post

You missed

Why isn’t the cookie sent by one subdomain stored in the browser when the application is hosted by another subdomain?

Hello world!