Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Session cookie is lost after redirecting #25495

Closed
jonasraoni opened this issue Jan 18, 2023 · 12 comments · Fixed by #25761
Closed

Session cookie is lost after redirecting #25495

jonasraoni opened this issue Jan 18, 2023 · 12 comments · Fixed by #25761
Labels
topic: cookies 🍪

Comments

@jonasraoni
Copy link

jonasraoni commented Jan 18, 2023
edited
Loading

Current behavior

Considering a simple:

cy.visit('/');

And the HTTP response below:

HTTP/1.1 302 Found
Host: 127.0.0.1:8080
Date: Sun, 08 Jan 2023 16:07:27 GMT
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: SESSION_ID=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
Set-Cookie: SESSION_ID=new_cookie_value
Location: next-url
Content-type: text/html; charset=UTF-8

Notice the Set-Cookie, first removing a cookie, then recreating it, and the presence of the Location header

When Cypress goes to the redirected URL, the cookie is lost.

If I remove the Location header from the response and redirect manually with another cy.visit('/next-url'); OR if I drop the first Set-Cookie header (the one which deletes the cookie), then everything works fine.

Desired behavior

I expect Cypress to behave like the browser, which understands the last Set-Cookie should keep/recreate the cookie.

Test code to reproduce

Small sample available above, I might fork the https://github.com/cypress-io/cypress-test-tiny later, but definitely not at this moment.

Cypress Version

12.2.0

Node version

18.11.0

Operating System

Windows 10

Debug Logs

No response

Other

Original report is here: #19800 (comment)
@jonasraoni jonasraoni mentioned this issue Jan 18, 2023
Closed
@AtofStryker
Copy link
Contributor

Hey @jonasraoni. Hope you have been well and thank you for opening an issue. Would you be able to help me get a minimum reproduction repository up and running? I don't think it has to be much. Maybe visiting a webpage that sets the session cookies you expect and then run it in the browser vs Cypress? I think you might be able to do that with cypress-test-tiny.

I do wonder if it works without a 302 redirect but the reproduction will help us confirm.

@jonasraoni
Copy link
Author

Would you be able to help me get a minimum reproduction repository up and running?

I'll take a look later, for now I'm a bit overloaded to inspect other repos. I just can confirm it happened with another person using another SO/environment.

I do wonder if it works without a 302 redirect but the reproduction will help us confirm

Yes, I wrote about it above, if I drop the Location header, it works fine. Redirecting manually with another cy.visit() also works.

@DobQA
Copy link

DobQA commented Jan 25, 2023

Im seeing something similar, are you only getting this issue on Chromium based browsers. For myself no issues firefox and Safari, but rest have problem?

@AtofStryker AtofStryker assigned mschile and unassigned AtofStryker Jan 31, 2023
@suellenzsoares
Copy link

Hello @AtofStryker,
I believe I'm having a similar issue, after be already logged and the tests is executing it just logout.
I really appreciate if you can help me with it once it is blocking our regression tests.

Thank you so much

@mschile
Copy link
Contributor

mschile commented Feb 3, 2023

@jonasraoni, I tried to recreate the issue using this repo but I was unable to reproduce it. Please let me know if I am missing something.

@suellenzsoares, do you have a project that I could look at or can you update this repo to reproduce the issue.

@suellenzsoares
Copy link

suellenzsoares commented Feb 3, 2023 via email

@mschile
Copy link
Contributor

mschile commented Feb 5, 2023

Possibly related to #25205

@jonasraoni, here is potential workaround.

@suellenzsoares, unfortunately, I won't be able to help remotely but please feel free to try the above workaround if it's the same issue. Otherwise, would you be able to recreate your issue with a reproduction repository by forking cypress-test-tiny or by other means?

@denissonp
Copy link

Also, it seems like, when the same cookie is recreated after a redirecting, Cypress is keeping both cookies, instead of only keeping the last one created.
At least, this is the behaviour I get. and If I manually delete the old duplicated cookies from the browser, it works just fine.
I'm using Chrome to test, btw.

@suellenzsoares
Copy link

suellenzsoares commented Feb 7, 2023 via email

@AtofStryker AtofStryker mentioned this issue Feb 9, 2023
Merged
4 tasks
@mschile mschile assigned AtofStryker and unassigned mschile Feb 10, 2023
@AtofStryker
Copy link
Contributor

@jonasraoni @denissonp @suellenzsoares @DobQA would any of you be able to try this binary to see if it resolves your issue?

@AtofStryker
Copy link
Contributor

This should be fixed with 12.6.1, which should be released either today or tomorrow.

@cypress-bot
Copy link
Contributor

cypress-bot bot commented Feb 25, 2023

Released in 12.7.0.

This comment thread has been locked. If you are still experiencing this issue after upgrading to
Cypress v12.7.0, please open a new issue.

@cypress-bot cypress-bot bot locked as resolved and limited conversation to collaborators Feb 25, 2023
@AtofStryker AtofStryker removed their assignment Mar 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
topic: cookies 🍪
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: duplicate and expired cookies cypress-io/cypress
6 participants
@jonasraoni @mschile @AtofStryker @DobQA @suellenzsoares @denissonp