Permalink
Browse files

Added Cookie Header to XML and Websocket request

Summary:
Continuation of Pull Request #7167

#7167

Needed to clean my repository. So created this Pull Request
Closes #10575

Differential Revision: D4955291

Pulled By: shergin

fbshipit-source-id: 94b9a086b7cf70ee6cc152d0b1a36c260140450e
  • Loading branch information...
seraj-ahmad authored and facebook-github-bot committed May 24, 2017
1 parent bea7659 commit 047961fbf77cb012b53978184102e8ca3d00c7ec
@@ -63,6 +63,9 @@ - (NSURLSessionDataTask *)sendRequest:(NSURLRequest *)request
callbackQueue.maxConcurrentOperationCount = 1;
callbackQueue.underlyingQueue = [[_bridge networking] methodQueue];
NSURLSessionConfiguration *configuration = [NSURLSessionConfiguration defaultSessionConfiguration];
[configuration setHTTPShouldSetCookies:YES];
[configuration setHTTPCookieAcceptPolicy:NSHTTPCookieAcceptPolicyAlways];
[configuration setHTTPCookieStorage:[NSHTTPCookieStorage sharedHTTPCookieStorage]];
_session = [NSURLSession sessionWithConfiguration:configuration
delegate:self
delegateQueue:callbackQueue];
@@ -228,7 +228,19 @@ - (RCTURLRequestCancellationBlock)buildRequest:(NSDictionary<NSString *, id> *)q
NSURL *URL = [RCTConvert NSURL:query[@"url"]]; // this is marked as nullable in JS, but should not be null
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:URL];
request.HTTPMethod = [RCTConvert NSString:RCTNilIfNull(query[@"method"])].uppercaseString ?: @"GET";
request.allHTTPHeaderFields = [self stripNullsInRequestHeaders:[RCTConvert NSDictionary:query[@"headers"]]];
// Load and set the cookie header.
NSArray<NSHTTPCookie *> *cookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL:URL];
request.allHTTPHeaderFields = [NSHTTPCookie requestHeaderFieldsWithCookies:cookies];

This comment has been minimized.

Show comment
Hide comment
@JonnyBurger

JonnyBurger Jun 12, 2017

I believe that this introduced an unintentional breaking change:

This explicitly sets the 'Cookie' header field and overrides the HTTPShouldHandleCookies option on line 245:

If your app sets the Cookie header on an NSMutableURLRequest object, then this method has no effect, and the cookie data you set in the header overrides all cookies from the cookie store.

The two seem to behave differently, on the Objective-C level a cookie set by Set-Cookie was not stored into the cookie storage and therefore my subsequent request failed.
Uncommenting this line fixed the issue for me.

@JonnyBurger

JonnyBurger Jun 12, 2017

I believe that this introduced an unintentional breaking change:

This explicitly sets the 'Cookie' header field and overrides the HTTPShouldHandleCookies option on line 245:

If your app sets the Cookie header on an NSMutableURLRequest object, then this method has no effect, and the cookie data you set in the header overrides all cookies from the cookie store.

The two seem to behave differently, on the Objective-C level a cookie set by Set-Cookie was not stored into the cookie storage and therefore my subsequent request failed.
Uncommenting this line fixed the issue for me.

This comment has been minimized.

Show comment
Hide comment
@RedBlueThing

RedBlueThing Jul 26, 2017

Hey Jonny,

We discovered today that this change introduced a problem with our application. We rely on cookies set in the headers of a 302 response being set on the subsequent request following the location.

If I undo the changes in RCTNetworking.mm and RCTHttpRequestHandler.mm (we don't use web sockets so I didn't touch RCTWebSocketModule) then the cookies are set on the follow request.

With this change the follow request doesn't have the cookies set in the 302 response.

Would love to work with you to resolve this problem. Please let me know if I can provide any more info.

Cheers,
Tom

@RedBlueThing

RedBlueThing Jul 26, 2017

Hey Jonny,

We discovered today that this change introduced a problem with our application. We rely on cookies set in the headers of a 302 response being set on the subsequent request following the location.

If I undo the changes in RCTNetworking.mm and RCTHttpRequestHandler.mm (we don't use web sockets so I didn't touch RCTWebSocketModule) then the cookies are set on the follow request.

With this change the follow request doesn't have the cookies set in the 302 response.

Would love to work with you to resolve this problem. Please let me know if I can provide any more info.

Cheers,
Tom

This comment has been minimized.

Show comment
Hide comment
@JonnyBurger

JonnyBurger Jul 26, 2017

Hi @RedBlueThing it looks like you had the same issue as me.
I created an issue, you can follow #14869 for more info and support it so we can get the fix merged!

@JonnyBurger

JonnyBurger Jul 26, 2017

Hi @RedBlueThing it looks like you had the same issue as me.
I created an issue, you can follow #14869 for more info and support it so we can get the fix merged!

This comment has been minimized.

Show comment
Hide comment
@RedBlueThing

RedBlueThing Jul 27, 2017

Hey @JonnyBurger, Awesome thanks for doing that :)

@RedBlueThing

RedBlueThing Jul 27, 2017

Hey @JonnyBurger, Awesome thanks for doing that :)

// Set supplied headers.
NSDictionary *headers = [RCTConvert NSDictionary:query[@"headers"]];
[headers enumerateKeysAndObjectsUsingBlock:^(NSString *key, id value, BOOL *stop) {
if (value) {
[request addValue:[RCTConvert NSString:value] forHTTPHeaderField:key];
}
}];
request.timeoutInterval = [RCTConvert NSTimeInterval:query[@"timeout"]];
request.HTTPShouldHandleCookies = [RCTConvert BOOL:query[@"withCredentials"]];
NSDictionary<NSString *, id> *data = [RCTConvert NSDictionary:RCTNilIfNull(query[@"data"])];
@@ -60,6 +60,20 @@ - (void)dealloc
RCT_EXPORT_METHOD(connect:(NSURL *)URL protocols:(NSArray *)protocols headers:(NSDictionary *)headers socketID:(nonnull NSNumber *)socketID)
{
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:URL];
// We load cookies from sharedHTTPCookieStorage (shared with XHR and
// fetch). To get secure cookies for wss URLs, replace wss with https
// in the URL.
NSURLComponents *components = [NSURLComponents componentsWithURL:URL resolvingAgainstBaseURL:true];
if ([components.scheme.lowercaseString isEqualToString:@"wss"]) {
components.scheme = @"https";
}
// Load and set the cookie header.
NSArray<NSHTTPCookie *> *cookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL:components.URL];
request.allHTTPHeaderFields = [NSHTTPCookie requestHeaderFieldsWithCookies:cookies];
// Load supplied headers
[headers enumerateKeysAndObjectsUsingBlock:^(NSString *key, id value, BOOL *stop) {
[request addValue:[RCTConvert NSString:value] forHTTPHeaderField:key];
}];

0 comments on commit 047961f

Please sign in to comment.