Don't re-use cookies across XHR proxy requests. #734

Merged
merged 1 commit into from Feb 28, 2013

Conversation

Projects
None yet
2 participants
@brentlintner
Contributor

brentlintner commented Feb 28, 2013

When proxing an XMLHttpRequest call via the XHR proxy, the jar option
in the request package was turned on by default. This would remember
cookies for future requests, which is bad because each request should be
separate, and the domain for cookies is the proxy's address, which is
invalid, anyways.

As a result, there ended up being a large accruing of
random cookies that had buggy effects, such as hitting
cookie header size limits on various web servers.

This fixed GitHub Issue:

http://github.com/blackberry/Ripple-UI/issues/732

Side Note:

It seems cookie support, in general, is not feasible with the proxy
enabled, because the remote domain is always the proxy's address, and
not the actual remote domain being requested. This is something to
figure out separately.

Don't re-use cookies across XHR proxy requests.
When proxing an XMLHttpRequest call via the XHR proxy, the `jar` option
in the `request` package was turned on by default. This would remember
cookies for future requests, which is bad because each request should be
separate, and the domain for cookies is the proxy's address, which is
invalid, anyways.

As a result, there ended up being a large accruing of
random cookies that had buggy effects, such as hitting
cookie header size limits on various web servers.

This fixed GitHub Issue:

    http://github.com/blackberry/Ripple-UI/issues/732

Side Note:

It seems cookie support, in general, is not feasible with the proxy
enabled, because the remote domain is always the proxy's address, and
not the actual remote domain being requested. This is something to
figure out separately.

@brentlintner brentlintner merged commit 632a384 into blackberry:next Feb 28, 2013

@dansilivestru

This comment has been minimized.

Show comment
Hide comment
@dansilivestru

dansilivestru Mar 1, 2013

Contributor

oops, forgot to actually give a +1 on it. Looks good.

Contributor

dansilivestru commented Mar 1, 2013

oops, forgot to actually give a +1 on it. Looks good.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment