getAttachCookies appends cookies even though this is against the RFC

Question

getAttachCookies appends cookies even though this is against the RFC

XuluWarrior opened this issue 8 years ago · 4 comments

Using a cookies jar, I was having issues with after login POST, future requests still behaved as if I wasn't logged in.

I traced this down to getAttachedCookies which calls request.set('Cookie', /* original cookies from request*/) followed by request.append('Cookie', /* Jar cookies */)

The server I was connecting to was obviously taking offense to the multiple cookie headers and according to the RFC it is correct to do so.

http://stackoverflow.com/questions/16305814/are-multiple-cookie-headers-allowed-in-an-http-request

Answer 1 · 2016-12-08T16:53:56.000Z

Replacing 'append' with 'set' fixed my login issues but that obviously overwrites rather than merges the two cookie sources.

Answer 2 · 2016-12-08T19:27:23.000Z

Sounds like a reasonable fix, sorry about that. There should definitely be one header, I'll check what it would take (if it doesn't already) to make sure redirections handle cookies properly.

Answer 3 · 2016-12-09T05:36:43.000Z

Released with https://github.com/blakeembrey/popsicle/releases/tag/v9.0.0.

Answer 4 · 2016-12-11T18:41:06.000Z

Great! That works for me. Thanks for the prompt fix.