• State Not Answered
  • Replies 3 replies
  • Subscribers 94 subscribers
  • Views 257 views
  • Users 0 members are here
Options
Related

setting up an Angular development environment locally on my laptop.

rodrigo.penades
2 months ago 
Hello,

I'm currently working with OI Manager v.9.0 LTS and I'm trying to set up an Angular development environment locally on my laptop. 
I have a question regarding cross-site cookie transmission in this Angular development environment.
To enable this feature, it seems that we need to set our cookies with "SameSite=None; Secure". 
However, this setting requires HTTPS, which our DEV server currently doesn’t support. 
As a result, browsers like Edge and Chrome block the cookie due to the lack of HTTPS.
So, my question is: Do we need to install an SSL certificate on the IAM DEV server to enable HTTPS, and consequently, allow the cross-site cookie transmission?
In affirmative case, which would be the technical characteristics of such certificate, if any special.

Thank you in advance for your help.
  • 0 2 months ago

    Hi Rodrigo,

    Short answer: no, you should not need to configure SSL from a purely technical standpoint. However, from a security standpoint non-secure HTTP is obviously not recommended.

    If you can run an API Server on http://localhost (non-HTTPS) then you can run and also run the Angular server on http://localhost. SameSite should be set to "Lax" in this case. If the cookies don't go through, check the blocked cookies in the Chrome F12 tools on the network tab. Chrome will give an indication why exactly a specific cookie was rejected, so you can go from there.

    Another thing to try is to use Firefox as it seems to be a bit more forgiving with non-secure connections to localhost IIRC.

    Hope this helps!

  • 0 2 months ago in reply to Hanno Bunjes

    Thanks a lot Hanno,

    Angular is a new world for me, that's why I'm following the video series produced by OI to prepare the development environment, it describes the need of 2 machines for the standard architecture. In the video it is described that the API server has to be installed in the web server (backend) and in the client workstation the development tools, angular resources and the imxweb project (frontend):

    youtu.be/dJMioSy0CiU

    So, with this architecture in place, would it be necessary to configure SSL?

    Thanks in advance for your clarifications.

  • 0 2 months ago in reply to rodrigo.penades

    Hi Rodrigo,

    It should not be strictly necessary to configure SSL with such a setup. Browsers and operating systems vary in this regard, so it is not possible to give a global answer.