net/http: cookies not set on redirections (302) by the default client #64464
Labels
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
Go version
go version go1.19.8 linux/amd64
What operating system and processor architecture are you using (
go env
)?What did you do?
First case, I did a GET onto a webpage that sets a cookie and redirects users: https://go.dev/play/p/ecskkzjvHRy
Second case, I did a POST onto a webpage that sets a cookie and redirects users: https://go.dev/play/p/a4xWVv0ZVqT
What did you expect to see?
In both cases, I expected a redirection to a webpage with cookies set.
It turns out that a Cookie Jar has to be defined/initialized for this behaviour to happen (see here for example).
Corrected code for each case: GET & POST.
Output in the first case:
In the second case, I got a Wrong Credentials error.
What did you see instead?
First case:
Second case detailed log (censored):
As pointed out in this 2012 blog post, most browsers redirect users by setting cookies and Golang does only half of this job by default. Please make this default, or do not redirect by default.
The text was updated successfully, but these errors were encountered: