AngularJS is not sending-X_XSRF-TOKEN

According to the documentation

$http: The header will not be set for cross-domain requests.

If you have to use CORS, you would also doing cross domain requests. Would still be able to do it yourself with an $httpInterceptor. You first read the cookie value, and then attach the header to the config before the request is fired.

function readCookie(name) {
    var nameEQ = name + "=";
    var ca = document.cookie.split(';');
    for(var i=0;i < ca.length;i++) {
        var c = ca[i];
        while (c.charAt(0)==' ') c = c.substring(1,c.length);
        if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length);
    }
    return null;
}
module.factory('XSRFInterceptor', function() {
    var XSRFInterceptor = {
        request: function(config) {
            var token = readCookie('XSRF-TOKEN');
            if (token) {
                config.headers['X-XSRF-TOKEN'] = token;
            }
            return config;
        }
    };
    return XSRFInterceptor;
}]);
module.config(['$httpProvider', function($httpProvider) {
    $httpProvider.interceptors.push('XSRFInterceptor');
}]);

Just for anyone who came here like me trying to figure out why Angular is not sending X-XSRF-TOKEN header:

In my case I did not pay attention that I'm sending XSRF-TOKEN cookie with HttpOnly flag.

AngularJS is not sending-X_XSRF-TOKEN

Tags:

Ruby On Rails

Cors

Angularjs

Ionic Framework

Related

Recent Posts