I know this is really old. Just wanted to point out that the problem is:
where do you store the token? LocalStorage is not safe agains XSS attacks,
ideally you'd want to store your token in a Secure HttpOnly Cookie.
Em sexta-feira, 3 de maio de 2013 04:41:03 UTC-3, Antonello Pasella
escreveu:
>
> Why are you using cookies?
>
> It's just curiosity... I abandoned cookies, also session ones, using a
> token inserted as header in each $http request.
>
> Antonello
>
>
> Il giorno lunedì 18 marzo 2013 18:59:13 UTC+1, Evgeni ha scritto:
>>
>> Hi there,
>>
>> I'm making a call to a service (using $resource), which returns a
>> cookie, however it is not persisted for some reason.
>> I see the Set-Cookie header in a response. If I go directly to that
>> service - the cookie is set in a browser, but its not sent back to the
>> server on subsequent calls using $resource.
>>
>> Is angular somehow stripping the cookies off ?
>> Or am I looking in a wrong place ? I'm a bit lost here...
>>
>
--
You received this message because you are subscribed to the Google Groups
"Angular and AngularJS discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to angular+unsubscr...@googlegroups.com.
To post to this group, send email to angular@googlegroups.com.
Visit this group at https://groups.google.com/group/angular.
To view this discussion on the web visit
https://groups.google.com/d/msgid/angular/7550e56b-df1d-47a3-9a45-683ea0b197e9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
