Skip to content

[Bug?]: SolidStart produces invalid flash cookies #1645

New issue
New issue
Closed
Closed
[Bug?]: SolidStart produces invalid flash cookies#1645
Labels
bugSomething isn't working
@frenzzy

Description

@frenzzy
frenzzy
opened on Oct 3, 2024

Duplicates

  • I have searched the existing issues

Latest version

  • I have tested the latest version

Current behavior 😯

Server sets the following set-cookie header:

set-cookie: flash={"url":"/_server%3Fid%3D%252Fsolid-start%252Fexamples%252Fwith-auth%252Fsrc%252Flib%252Findex.ts%26name%3D%2524%2524function1","result":"Usernames must be at least 3 characters long","error":true,"input":[[["redirectTo","/"],["loginType","login"],["username",";"],["password",""]]]}; Secure; HttpOnly;

User sees:

{
  "statusCode": 500,
  "stack": []
}

Server displays an error:

[h3] [unhandled] SyntaxError: Unterminated string in JSON at position 243 (line 1 column 244)
    at JSON.parse (<anonymous>)
    ... 7 lines matching cause stack trace ...
    at async Server.toNodeHandle (file:///solid-start/node_modules/.pnpm/h3@1.11.1/node_modules/h3/dist/index.mjs:2249:7) {
  cause: SyntaxError: Unterminated string in JSON at position 243 (line 1 column 244)
      at JSON.parse (<anonymous>)
      at initFromFlash (/solid-start/node_modules/.pnpm/@solidjs+start@1.0.8_@testing-library+jest-dom@6.4.5_vitest@1.6.0_@types+node@20.12.12_@vites_g4axoxquuc27oifb2hw6quhyia/node_modules/@solidjs/start/dist/server/pageEvent.js:11:20)
      at createPageEvent (/solid-start/node_modules/.pnpm/@solidjs+start@1.0.8_@testing-library+jest-dom@6.4.5_vitest@1.6.0_@types+node@20.12.12_@vites_g4axoxquuc27oifb2hw6quhyia/node_modules/@solidjs/start/dist/server/pageEvent.js:35:19)
      at async eval (/solid-start/node_modules/.pnpm/@solidjs+start@1.0.8_@testing-library+jest-dom@6.4.5_vitest@1.6.0_@types+node@20.12.12_@vites_g4axoxquuc27oifb2hw6quhyia/node_modules/@solidjs/start/dist/server/handler.js:45:25)
      at async _callHandler (file:///solid-start/node_modules/.pnpm/h3@1.11.1/node_modules/h3/dist/index.mjs:1821:16)
      at async _callHandler (file:///solid-start/node_modules/.pnpm/h3@1.11.1/node_modules/h3/dist/index.mjs:1821:16)
      at async file:///solid-start/node_modules/.pnpm/h3@1.11.1/node_modules/h3/dist/index.mjs:1962:19
      at async Object.callAsync (file:///solid-start/node_modules/.pnpm/unctx@2.3.1/node_modules/unctx/dist/index.mjs:72:16)
      at async Server.toNodeHandle (file:///solid-start/node_modules/.pnpm/h3@1.11.1/node_modules/h3/dist/index.mjs:2249:7),
  statusCode: 500,
  fatal: false,
  unhandled: true,
  statusMessage: undefined,
  data: undefined
}

Expected behavior 🤔

  1. The server should produce valid flash cookies (e.g., encode non-ASCII symbols).
  2. The server should handle invalid cookies correctly (e.g., ignore them instead of failing).

Steps to reproduce 🕹

Steps:

  1. Run and open the with-auth example.
  2. Disable JavaScript in DevTools.
  3. Enter ; or any non-ASCII symbol into the Username field.
  4. Submit the form.

Context 🔦

No response

Your environment 🌎

I have reproduced the issue using the latest commit in the main brunch on Node.js v22.9.0

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions