Skip to content

Don't re-use cookies across XHR proxy requests. #734

Merged
merged 1 commit into from Feb 28, 2013

2 participants

@brentlintner

When proxing an XMLHttpRequest call via the XHR proxy, the jar option
in the request package was turned on by default. This would remember
cookies for future requests, which is bad because each request should be
separate, and the domain for cookies is the proxy's address, which is
invalid, anyways.

As a result, there ended up being a large accruing of
random cookies that had buggy effects, such as hitting
cookie header size limits on various web servers.

This fixed GitHub Issue:

http://github.com/blackberry/Ripple-UI/issues/732

Side Note:

It seems cookie support, in general, is not feasible with the proxy
enabled, because the remote domain is always the proxy's address, and
not the actual remote domain being requested. This is something to
figure out separately.

@brentlintner brentlintner Don't re-use cookies across XHR proxy requests.
When proxing an XMLHttpRequest call via the XHR proxy, the `jar` option
in the `request` package was turned on by default. This would remember
cookies for future requests, which is bad because each request should be
separate, and the domain for cookies is the proxy's address, which is
invalid, anyways.

As a result, there ended up being a large accruing of
random cookies that had buggy effects, such as hitting
cookie header size limits on various web servers.

This fixed GitHub Issue:

    http://github.com/blackberry/Ripple-UI/issues/732

Side Note:

It seems cookie support, in general, is not feasible with the proxy
enabled, because the remote domain is always the proxy's address, and
not the actual remote domain being requested. This is something to
figure out separately.
632a384
@brentlintner brentlintner merged commit 632a384 into blackberry:next Feb 28, 2013
@dansilivestru

oops, forgot to actually give a +1 on it. Looks good.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.