Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set-Cookie response headers are grouped #722

Open
bertubezz opened this issue Nov 30, 2020 · 3 comments · May be fixed by #1278
Open

Set-Cookie response headers are grouped #722

bertubezz opened this issue Nov 30, 2020 · 3 comments · May be fixed by #1278

Comments

@bertubezz
Copy link

bertubezz commented Nov 30, 2020
edited
Loading

  • REST Client Version: 0.24.4
  • VSCode Version: 1.51.1
  • OS Version: windows 10

Steps to Reproduce:

  1. imagine this simple express script...
var express = require('express');
const app = express();
app.get("/", (req, res) => {
  res.cookie('n1', 'v1');
  res.cookie('n2', 'v1');
  res.sendStatus(200);
});
app.listen(8080, () => {
  console.log(`listening on port 8080`);
});
  1. simple GET request will group Set-Cookies headers into one as follows;
HTTP/1.1 200 OK
X-Powered-By: Express
Set-Cookie: n1=v1; Path=/,n2=v1; Path=/
Content-Type: text/plain; charset=utf-8
Content-Length: 2
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Date: Mon, 30 Nov 2020 12:08:27 GMT
Connection: close

OK

NOTE almost same request from curl...

λ curl -v http://localhost:8080
* Rebuilt URL to: http://localhost:8080/
*   Trying ::1...
* TCP_NODELAY set
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8080 (#0)
> GET / HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.55.1
> Accept: */*
>
< HTTP/1.1 200 OK
< X-Powered-By: Express
< Set-Cookie: n1=v1; Path=/
< Set-Cookie: n2=v1; Path=/
< Content-Type: text/plain; charset=utf-8
< Content-Length: 2
< ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
< Date: Mon, 30 Nov 2020 11:59:57 GMT
< Connection: keep-alive
<
OK* Connection #0 to host localhost left intact
@aeddie-zapidhire
Copy link

This caused me a few hours of confusion, debugging my code only to found out (using curl) that my code was working fine.

This is the problem line:

headerString += `${header}: ${value}${EOL}`;

Additionally, rest-client will not remember the multiple cookies correctly.

@gotham8x
Copy link

gotham8x commented Aug 3, 2023

Group set-cookie into one is totally wrong. It should be keep as it is.

Consider the response headers from server as the following:

Set-Cookie: key=value; expires=Thu, 03-Aug-2023 12:02:58 GMT; Max-Age=7200; path=/; samesite=lax
Set-Cookie: key2=value2; expires=Thu, 03-Aug-2023 12:02:58 GMT; Max-Age=7200; path=/; samesite=lax

There are several special characters in the header value , ; : - =. Clients attempting to merge them into a single line using just a , separator is truly a bad idea and violates Web standards.

Set-Cookie: key=value; expires=Thu, 03-Aug-2023 12:02:58 GMT; Max-Age=7200; path=/; samesite=lax, key2=value2; expires=Thu, 03-Aug-2023 12:02:58 GMT; Max-Age=7200; path=/; samesite=lax

@jordanbtucker jordanbtucker linked a pull request Jun 21, 2024 that will close this issue
Open
@jordanbtucker
Copy link

I created #1278 to fix this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Preserve multiple Set-Cookie headers jordanbtucker/vscode-restclient
4 participants
@jordanbtucker @bertubezz @gotham8x @aeddie-zapidhire