New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reject responses that have explicit set-cookie #1619
Comments
I am looking for issues in Erlang to practice more. Would you say I could pick this one? |
Hello @geeksilva97 sorry I had not received an email following your comment, guess it got lost. Yes it would be a good choice. Basically the functions |
Thank you, @essen . Will give it try, starting tomorrow. |
Just a confirmation, @essen . Should I throw an error? If so, are you expecting anything special? I was naively thinking of something like set_resp_header(<<"set-cookie">>, _, _) ->
throw({invalid_header_name, <<"set-cookie">>}); |
Please use something of the form:
See a40bab8 for a more extensive example. |
Thank you. Will do. |
Done. Closing, thank you! |
This causes confusion otherwise. See #1483 (comment)
We want users to call set_resp_cookie or to manually set the raw resp_cookies value in the Req. A function to do that may be welcome. This is mainly useful for proxies though so not sure how much we should do.
The text was updated successfully, but these errors were encountered: