Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

headers.cookie shouldn't be replaced #125

Closed
papandreou opened this issue Dec 5, 2011 · 5 comments
Closed

headers.cookie shouldn't be replaced #125

papandreou opened this issue Dec 5, 2011 · 5 comments

Comments

@papandreou
Copy link
Contributor

I had some old code that pre-dates request's cookie jar support:

request({
    headers: {
        cookie: "foo=bar"
    },
    // ...
});

However, after I updated request it stopped working because now headers.cookie is always overwritten unless jar: false is specified:

if (self.jar === false) {
  // disable cookies
  var cookies = false;
  self._disableCookies = true;
} else if (self.jar) {
  // fetch cookie from the user defined cookie jar
  var cookies = self.jar.get({ url: self.uri.href })
} else {
  // fetch cookie from the global cookie jar
  var cookies = cookieJar.get({ url: self.uri.href })
}
if (cookies) {
    var cookieString = cookies.map(function (c) {
        return c.name + "=" + c.value;
    }).join("; ");

    self.headers.Cookie = cookieString;
}

The fix was trivial, but I'm reporting it anyway because I think it's a wtf. In my opinion there should be a check for whether self.headers.cookie already exists, and if so, append to it. Or at least it shouldn't do anything if the global cookie jar is empty.

My guess is that the current behavior breaks a bunch of proxying use cases where cookies are involved.

I can whip up a pull request, but it would be nice to hear if everyone else is on board with this?
@sujal
Copy link

sujal commented Dec 19, 2011

+1

@daleharvey
Copy link

I just got burned by this as well, was very confusing

@dscape
Copy link

dscape commented Jan 21, 2012

This was a problem for nano, reported by dale

papandreou added a commit to papandreou/request that referenced this issue Feb 8, 2012
@papandreou
Added failing test for request#125.
a0ab977
papandreou added a commit to papandreou/request that referenced this issue Feb 8, 2012
@papandreou
Fix cookie jar/headers.cookie collision. Closes request#125.
c80800a 
If both a cookie jar and headers.cookie are specified, include both in the request, separated by '; '. Also fixed uppercase header name: self.headers.Cookie => self.headers.cookie.
@mikeal
Copy link
Member

mikeal commented Feb 8, 2012

did this get merged? can we close?

mikeal added a commit that referenced this issue Feb 9, 2012
@mikeal
Merge pull request #161 from papandreou/master
dcb6eea 
Fix cookie jar/headers.cookie collision (#125)
@mikeal
Copy link
Member

mikeal commented Feb 18, 2012

fixed.

@mikeal mikeal closed this as completed Feb 18, 2012
@snyk-bot snyk-bot mentioned this issue Nov 18, 2021
Open
@snyk-bot snyk-bot mentioned this issue Jan 13, 2022
Open
@snyk-bot snyk-bot mentioned this issue Apr 5, 2022
Open
@Woodpile37 Woodpile37 mentioned this issue Aug 22, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@mikeal @sujal @dscape @daleharvey @papandreou