I have a Vue frontend where I use vue-cookies to set cookie on login.
The following example URLs are used for the application
- client.mydomain.com
- api.mydomain.com
This is the code setting the cookie in Vue
this.$cookies.set(
'my_jwt',
response.data.data.token,
'1d',
'null',
mydomain.com
);
CORS is enabled and most things are working fine.
However in certain browsers fetching images from the API fails with 401 because the cookie is not sent with GET requests that are initiated due to img tags. The API requires a valid JWT for accessing files.
In Chome and Firefox Developer Edition it works fine, but in standard Firefox images are failing.
I also noticed that login in Safari is not working at all (probably due to some related problem).
Would love some input on what could cause this problem.