I am getting an error when I do not explicitly set...
# support-questions-legacyc
chunkygoo.
10/18/2022, 5:46 AMI am getting an error when I do not explicitly set cookie_domain="localhost"
chunkygoo.
10/18/2022, 5:46 AM Copy code
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "middleware: Started", "file": "supertokens.py:536"}
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "middleware: Not handling because request path did not start with config path. Request path: /users/interest/1", "file": "supertokens.py:543"}
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "getSession: Started", "file": "recipe/session/recipe_implementation.py:241"}chunkygoo.
10/18/2022, 5:47 AM Copy code
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "getSession: rid in header: False", "file": "recipe/session/recipe_implementation.py:243"}
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "getSession: request method: DELETE", "file": "recipe/session/recipe_implementation.py:246"}
com.supertokens {"t": "2022-10-18T05:44:50.762Z", "sdkVer": "0.11.0", "message": "getSession: Value of doAntiCsrfCheck is: True", "file": "recipe/session/recipe_implementation.py:280"}
com.supertokens {"t": "2022-10-18T05:44:50.763Z", "sdkVer": "0.11.0", "message": "getSession: Returning TRY_REFRESH_TOKEN because custom header (rid) was not passed", "file": "recipe/session/session_functions.py:150"}
com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: Started", "file": "supertokens.py:610"}
com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: Error is from SuperTokens recipe. Message: anti-csrf check failed. Please pass 'rid: "anti-csrf"' header in the request, or set doAntiCsrfCheck to false for this API", "file": "supertokens.py:611"}
com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: Checking recipe for match: session", "file": "supertokens.py:622"}
com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: Matched with recipeID: session", "file": "supertokens.py:628"}
com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "errorHandler: returning TRY_REFRESH_TOKEN", "file": "recipe/session/recipe.py:245"}
com.supertokens {"t": "2022-10-18T05:44:50.764Z", "sdkVer": "0.11.0", "message": "Sending response to client with status code: 401", "file": "utils.py:134"}chunkygoo.
10/18/2022, 5:47 AMIf I set cookie domain it works just fine
chunkygoo.
10/18/2022, 5:48 AMnextjs frontend sending a request to a protected api
r
rp_st
10/18/2022, 6:10 AMlocalhost is not a valid value for cookie_domain
c
chunkygoo.
10/18/2022, 6:17 AMWhen I add it, it works
chunkygoo.
10/18/2022, 6:17 AMif i do not add it, it fails
r
rp_st
10/18/2022, 6:27 AMright. My bad. Then you should add it
c
chunkygoo.
10/18/2022, 6:29 AMShouldn't supertokens work without adding it?
r
rp_st
10/18/2022, 6:30 AMwell, if you want to share cookies across different localhost ports, you need to add it
c
chunkygoo.
10/18/2022, 6:39 AMI see
chunkygoo.
10/18/2022, 6:40 AMSo using different ports mean I would have to add it?
chunkygoo.
10/18/2022, 6:40 AMwhat about in prod where I have www.x.com and api.x.com
r
rp_st
10/18/2022, 6:40 AMthen you will have to add
.x.comrp_st
10/18/2022, 6:40 AMas the value of
cookie_domainc
chunkygoo.
10/18/2022, 6:44 AMBut www.x.com is not using cookie_domain though
chunkygoo.
10/18/2022, 6:45 AMI decided to give up server side rendering and only use client side rendering for auth-needed actions
chunkygoo.
10/18/2022, 6:46 AMIf I do not add a cookie domain, the default which is api.x.com will be used. And the cookies will be sent by the browser to api.x.com right?
r
rp_st
10/18/2022, 6:46 AMyes
c
chunkygoo.
10/18/2022, 6:48 AMBut on localhost that is not the case?
70 Views