You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jun 14, 2023. It is now read-only.
Currently, if you set more than one cookie, the Set-Cookie header is sent once, with all the cookies comma separated, instead of sending one Set-Cookie for each cookie (like php function setcookie does).
Origin servers SHOULD NOT fold multiple Set-Cookie header fields into
a single header field. The usual mechanism for folding HTTP headers
fields (i.e., as defined in [RFC2616]) might change the semantics of
the Set-Cookie header field because the %x2C (",") character is used
by Set-Cookie in a way that conflicts with such folding.
Context
If you need to set more than one cookie (my particular case is for using with cloudfront (aws)), the library will fold all the cookies in one single Set-Cookie header:
HTTP/1.1 200 OK
Set-Cookie: TestCookie1=Value1; TestCookie2=Value2; TestCookie3=Value3
While the right way would be:
HTTP/1.1 200 OK
Set-Cookie: TestCookie1=Value1
Set-Cookie: TestCookie2=Value2
Set-Cookie: TestCookie3=Value3
Possible implementation
I'm doing a PR request to handle this. The issue will be solved if the cookies are set using the "cookie" method from swoole server, instead of "header" method.
The text was updated successfully, but these errors were encountered:
Detailed description
Currently, if you set more than one cookie, the Set-Cookie header is sent once, with all the cookies comma separated, instead of sending one Set-Cookie for each cookie (like php function setcookie does).
Also there is what RFC 6265 says about it:
Context
If you need to set more than one cookie (my particular case is for using with cloudfront (aws)), the library will fold all the cookies in one single Set-Cookie header:
While the right way would be:
Possible implementation
I'm doing a PR request to handle this. The issue will be solved if the cookies are set using the "cookie" method from swoole server, instead of "header" method.
The text was updated successfully, but these errors were encountered: