"Refused to set unsafe header 'Cookie' " while sending cookies with GET request in angular 6
You can't do this, cause the browser doesn't allow you to do it. Let me describe the problem here:
Did you notice the Set-Cookie: JSESSIONID=......; Path=/; HttpOnly
in your response headers? Well, The problem is the HttpOnly flag. Actually :) it's not a problem, it's a feature to prevent attacks that aim to steal your browser cookies:
HttpOnly is a flag added to cookies that tell the browser not to display the cookie through client-side scripts (document.cookie and others). ... When you set a cookie with the HttpOnly flag, it informs the browser that this special cookie should only be accessed by the server
So the browser doesn't allow any javascript code to access this variable. If you could change that value, then it's not a HttpOnly
flagged cookie anymore:)
If you want to send this cookie via javascript, you should send it via the Authorization
header for example and write middleware in Java server so that it captures these values from the Authorization
header and think of them as JSESSIONID cookie. No more options for you :)