So – I was trying to request some data from one server from another – not normally a big deal, but the data would vary depending on whether or not the user was logged in or not. I thought just setting up CORS would work (I’m using asp.net mvc web api 2). I thought a simple jquery .post or .get would do the job, but surprisingly the .get and .post do not send the auth cookie when making the request – you have to use the .ajax features of jQuery, as well as enabling the “SupportsCredentials” part of Cors – the relevant parts look like this
In your web api controller
[EnableCors(origins: “*”, headers: “*”, methods: “*”, SupportsCredentials = true)]
Your javascript code should look like this
$.ajax({
url: ‘http://MyWebServiceDomain.com/api/v.1.1/SomeController/MyFeature’,
dataType: ‘json’,
xhrFields: {
withCredentials: true
},
crossDomain: true,
success: function (authText) {
$(‘#authText’).html(authText);
}
});
