Production on Netlify and Railway fails to send cookies, causing 401 errors.
server.configure({ origin: process.env.CLIENT, allowCreds: true });
response.createCookie('auth', 'Token_' + id, { secure: true });
hey, try verifying that your env origin exactly matches the value used in your fetch call. sometimes a trailing slash or case mis-match can cause issues. also, ensure you’re using credintials flag on the frontend. hope that helps sort it out
In my experience, many cookie issues arise from misconfiguration of cookie attributes and CORS headers. It helped to explicitly specify the SameSite attribute as ‘None’ along with the secure flag for cross-origin cookies. This ensures that browsers send cookies correctly when dealing with different domains. Additionally, verifying that all environment variables match exactly between the server setup and the client fetch configurations proved essential. Ensuring that the server responds with proper CORS headers and including credentials on the client side resolved the persistent 401 errors in production.
hey, i been experimenting wit some cross-org tweaks. ever tried toggling samesite settings? maybe combining debug logs from both ends might reveal hidden issues, dunno. what were ur observations when testing different secure flags?
hey, i noticed u might try including credentials in your fetch req. maybe secure cookie issues cause the missing cookies on http? have u tried testng without secure flag for debugging? curious to hear if that helped- any insights?