We're Hiring!

Mattermost, Inc.

Cannot get heades [Set-Cookie]

Hello everyone!!


Cannot get headers [“Set-Cookie”] when login into the system with custom login

Steps to reproduce

Use Postman, try to login to workspace with your credentials, view headers. You will not see the “Set-Cookie”

Expected behavior

Request headers should have the “Set-Cookie” headers.

Observed behavior

Request headers does not have the “Set-Cookie” headers.

Extra info for context

Im currently developing a custom app for our company using mattermost as the backbone. I created the login and moved on to design the rest of the app, when I went to start making api request all of them would fail. After checking the web client to verify why they were failing, I saw the login had the “set-cookie” headers and they would be used in every request. There I understood my problem.

I needed the set-cookies for every request, so I went and checked the request headers in the app response headers and saw that they were not there. After that I tried with a custom backend that would do the request, same not there. After that I went to postman and same. Without the data in the set-cookies I can’t continue.

Any help would be appreciated,

Hey, me from the future, I gave up with this problem. But a day or so I tried again and my finding where that if you don’t send the x-request-with with the value XMLHttpRequest you will not get the cookies. If this is intended it’s not a good decision for the point of view that it’s not documented. Either the documentation is lacking or there is an unintended feature.