Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Special-case Response.append_header to handle Set-Cookie #1265

Closed
kgriffs opened this issue May 12, 2018 · 1 comment
Closed

fix: Special-case Response.append_header to handle Set-Cookie #1265

kgriffs opened this issue May 12, 2018 · 1 comment
Assignees
@kgriffs
Labels
bug
Milestone
Version 2.0

Comments

@kgriffs
Copy link
Member

kgriffs commented May 12, 2018

When setting cookies directly (e.g., when proxying an upstream response with cookie headers), we must special-case Set-Cookie since the usual method of joining multiple header values with a comma is incorrect in that case.

I've got a prototype fix for this already, so I'll go ahead and work on a PR.
@kgriffs kgriffs added the bug label May 12, 2018
@kgriffs kgriffs added this to the Version 2.0 milestone May 12, 2018
@kgriffs kgriffs self-assigned this May 13, 2018
@kgriffs kgriffs modified the milestones: Version 2.0, Version 2.2 Nov 8, 2018
@kgriffs
Copy link
Member Author

kgriffs commented Jan 12, 2019

I should have a PR up for this next week.

kgriffs added a commit to kgriffs/falcon that referenced this issue Jan 18, 2019
@kgriffs
feat: Provide a way to set raw cookie headers
5b97a04 
Previously, setting raw cookies was not supported without having
to subclass Response and override several methods. This patch
adds official support for this functionality, while also explicitly
disallowing the use of Set-Cookie with certain generic header
manipulation methods that have semantics that are incompatible
with Set-Cookie.

BREAKING CHANGE: Previously, several methods in the Response class
	could be used to attempt to set raw cookie headers. However,
	due to the Set-Cookie header values not being combinable
	as a comma-delimited list, this resulted in an unexpected and/or
	incorrect response being constructed for the user agent in
	the case that more than one cookie was being set.

Fixes falconry#1265
@kgriffs kgriffs mentioned this issue Jan 18, 2019
Merged
kgriffs added a commit to kgriffs/falcon that referenced this issue Jan 29, 2019
@kgriffs
feat: Provide a way to set raw cookie headers
73dc1dc 
Previously, setting raw cookies was not supported without having
to subclass Response and override several methods. This patch
adds official support for this functionality, while also explicitly
disallowing the use of Set-Cookie with certain generic header
manipulation methods that have semantics that are incompatible
with Set-Cookie.

BREAKING CHANGE: Previously, several methods in the Response class
	could be used to attempt to set raw cookie headers. However,
	due to the Set-Cookie header values not being combinable
	as a comma-delimited list, this resulted in an unexpected and/or
	incorrect response being constructed for the user agent in
	the case that more than one cookie was being set.

Fixes falconry#1265
kgriffs added a commit to kgriffs/falcon that referenced this issue Feb 9, 2019
@kgriffs
feat: Provide a way to set raw cookie headers
eb337e3 
Previously, setting raw cookies was not supported without having
to subclass Response and override several methods. This patch
adds official support for this functionality, while also explicitly
disallowing the use of Set-Cookie with certain generic header
manipulation methods that have semantics that are incompatible
with Set-Cookie.

BREAKING CHANGE: Previously, several methods in the Response class
	could be used to attempt to set raw cookie headers. However,
	due to the Set-Cookie header values not being combinable
	as a comma-delimited list, this resulted in an unexpected and/or
	incorrect response being constructed for the user agent in
	the case that more than one cookie was being set.

Fixes falconry#1265
kgriffs added a commit to kgriffs/falcon that referenced this issue Feb 13, 2019
@kgriffs
feat: Provide a way to set raw cookie headers
45d7723 
Previously, setting raw cookies was not supported without having
to subclass Response and override several methods. This patch
adds official support for this functionality, while also explicitly
disallowing the use of Set-Cookie with certain generic header
manipulation methods that have semantics that are incompatible
with Set-Cookie.

BREAKING CHANGE: Previously, several methods in the Response class
	could be used to attempt to set raw cookie headers. However,
	due to the Set-Cookie header values not being combinable
	as a comma-delimited list, this resulted in an unexpected and/or
	incorrect response being constructed for the user agent in
	the case that more than one cookie was being set.

Fixes falconry#1265
vytas7 pushed a commit that referenced this issue Feb 14, 2019
@kgriffs @vytas7
feat: provide a way to set raw cookie headers (#1414)
75824ba 
Previously, setting raw cookies was not supported without having
to subclass Response and override several methods. This patch
adds official support for this functionality, while also explicitly
disallowing the use of Set-Cookie with certain generic header
manipulation methods that have semantics that are incompatible
with Set-Cookie.

BREAKING CHANGE: Previously, several methods in the Response class
	could be used to attempt to set raw cookie headers. However,
	due to the Set-Cookie header values not being combinable
	as a comma-delimited list, this resulted in an unexpected and/or
	incorrect response being constructed for the user agent in
	the case that more than one cookie was being set.

Fixes #1265
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kgriffs kgriffs

Labels
bug
Projects
None yet
Milestone
Version 2.0
Development

No branches or pull requests
2 participants
@kgriffs @vytas7