Angular + Laravel: CORS and Credentials in my Local Dev Environment

September 17, 2025

I've been working a lot lately with Angular 20 front ends and Laravel + Sanctum back end APIs. One big issue I came across was getting my session cookie sent to the back end when making requests using Angular's HttpClient. The issue didn't show up in production where I had Laravel's CORS config setup working. But on my local dev setup, I couldn't get authorization cookies in the requests. The responses all had a set-cookie header, the requests were properly prepared with the withCredentials: true option (using an Angular interceptor). I ended up using an Authorization: bearer <token> solution. It worked, but is more likely to be leaked.

Finally, I solved the issue. On the dev server, Angular uses ng serve, running by default on localhost:4200. Laravel's php artisan serve uses 127.0.0.1:8000. Cookies don't like that. They are domain aware and only want to stay on the domain they were issued from. Unlike CORS allowed origins, they don't care about protocol or port, but like CORS, cookies don't see localhost as the same domain as 127.0.0.1. So, that was the problem. Cookies can easily dismiss sub-domain differences (api.a.com works with www.a.com) so that's why production was okay - it's the same domain, just with a sub-domain difference.

The fix was simple. I set in my local dev's Laravel .env file to use

SESSION_DOMAIN=localhost
SECURE_COOKIE=false

Then I started Laravel with php artisan serve --host localhost and started ng serve (default is localhost). Finally all the credentials (err, session cookie) went back and forth.

tags:  angular, laravel, security, software

0 comments

Note: All comments are vetted before being published to the site. Html tags will be stripped. Markdown is enabled.

MySQL ODBC with Excel 2011 on OSX

January 24, 2011

I had a hard time getting the MySQL 5.1.8 ODBC driver to work with Excel 2011 on my work MacBook. I'm running OSX 10.6 (Snow Leopard), but this issue seems to go back some ways.

Apparently, the problem has to do with Microsoft Query being a native PPC 32 bit app, while Excel 2011 is an Intel native 32 bit app.

The solution was to use lipo to combine the distinct Mac Intel 32-bit ODBC driver with the PPC 32 bit driver.

To do this, download and extract the myodbc connector drivers from the MySQL site in tar.gz format. You need both the intel-x86-32bit and the ppc-32bit downloads. Extract them both next to each other in a tmp dir (/Users/drew/tmp, or whatever). Then, from your tmp dir, use lipo to make a multi-arch version. (To widen out the text area so you can see the full command, use my "hide panel" button to hide the right column of this page. Also, remember that backslash means "continue command on next line."):

$ lipo mysql-connector-odbc-5.1.8-osx10.5-powerpc-32bit/lib/libmyodbc5-5.1.8.so \
  mysql-connector-odbc-5.1.8-osx10.6-x86-32bit/lib/libmyodbc5-5.1.8.so \
  -output ./libmyodbc5-5.1.8.so \
  -create

This will create a new libmyodbc5-5.1.8.so in the current directory with both architectures supported. You can test this by running:

$ lipo ./libmyodbc5-5.1.8.so -info

You can then sudo copy this to /usr/local/lib on top of any other libmyodbc5-*.so.

Also, be sure that /usr/local/lib/libmyodbc5.so a symlink to the new file. I had an actual file there rather than a symlink and it caused some additional pain.

tags:  excel, mac, mysql, odbc, office 2011, osx

7 comments

Note: All comments are vetted before being published to the site. Html tags will be stripped. Markdown is enabled.

Linksys RV016 Router / Firewall / VPN + Linux

November 16, 2006

At work, we installed a Linksys RV016 Router + VPN solution. After one of our sys admins setup and turned on the firewall rules, I lost the ability to browse certain sites including slashdot.org, news.yahoo.com, and many others. But, many sites were fine.

I spent some time trying to figure out what the problem was, and realized that with the firewall disabled, everything was ok, but when it was on, I had troubles. Some web pages or images would load part way.

Other things I noticed included:

  • WinXP and MacOSX boxes didn't have this problem. Only the two Fedora boxes did.
  • It wasn't Linux specific - CentOS 4.x and Ubuntu Live didn't have the same problem.
  • Fedora Core 4 (fc4), Fedora Core 5 (fc5), and Fedora Core 6 (fc6) all exposed this problem.
  • Hand built kernels at or below 2.6.12 didn't show this problem, somewhere above 2.6.17, they did.

So, I had tracked it down to a kernel related change somewhere between 2.6.13 through 2.6.17.

I was able to route around the issue by using another point of entry, but that was a temporary fix. Eventually, I sought help on the Fedora mailing list and was pointed to a discussion on lkml (linux kernel mailing list). This led to a fix.

The discussion starts around here on lkml. The most important bit is here.

The workaround was to turn off tcp_window_scaling. To test this, do this:

echo 0 > /proc/sys/net/ipv4/tcp_window_scaling

and to make it permanent add this line to /etc/sysctl.conf:

net.ipv4.tcp_window_scaling = 0

tags:  centos, fedora, kernel, linux, osx, software, windows

2 comments

Note: All comments are vetted before being published to the site. Html tags will be stripped. Markdown is enabled.