Setting header with cookie value no longer overwrites a cookie value, it appends

[noahbald]

Hey there, I've updated msw from ^2.4.2 to ^2.4.5 and thus @mswjs/interceptors from 0.29.1 to 0.35.1. This seems to have a changed behaviour when setting a cookie header.
I'm not too sure of the technical details, but this is the change I'm seeing.

// msw@^2.4.2
console.log(request.headers.get("cookie")); // foo=bar
request.headers.set("cookie", "foo=baz");
console.log(request.headers.get("cookie")); // foo=baz

// msw@^2.4.5
console.log(request.headers.get("cookie")); // foo=bar
request.headers.set("cookie", "foo=baz");
console.log(request.headers.get("cookie")); // foo=bar; foo=baz

Workaround

import { parse, serialize } from "cookie";

const cookies = cookies.parse(request.headers.get("cookie")!);
cookies.foo = "baz"
request.headers.set(serialize(cookies));

[kettanaito]

Root cause

The issue is caused by the interceptors pushing recorded headers into the internal array:

interceptors/src/interceptors/ClientRequest/utils/recordRawHeaders.ts

Line 10 in bb9d798

rawHeaders.push(args)

So, whenever you set a header on a response with that header name already present, the internal array will contain two values. The Headers class will then treat that as multi-value header, merging its values.

response.headers.set('foo', 'bar')
// internally: [ ['foo', 'bar'] ]

response.headers.get('foo', 'xyz')
// internally: [ ['foo', 'bar'], ['foo', 'xyz'] ]

[kettanaito]

Released: v0.35.6 🎉

This has been released in v0.35.6!

• 📄 Release notes
• 📦 npm package

Make sure to always update to the latest version (npm i @mswjs/interceptors@latest) to get the newest features and bug fixes.

---

Predictable release automation by @ossjs/release.

[noahbald]

Awesome work, I can confirm the fix is working on my end 🙌

[kettanaito]

Yoo-hoo!