fix: allow cookies to be set in rewritten responses #11280
Conversation
🦋 Changeset detectedLatest commit: a5412a7 The changes in this PR will be included in the next version bump. Not sure what this means? Click here to learn what changesets are. Click here if you're a maintainer who wants to add another changeset to this PR |
github-actions
bot
added
the
pkg: astro
|
|
||
| if (result.cookies) { | ||
| for (const cookie of AstroCookies.consume(result.cookies)) { | ||
| response.headers.append('Set-Cookie', cookie); |
There was a problem hiding this comment.
I don't think we should append the headers here. They are already appended further up in the response, here:
astro/packages/astro/src/core/app/index.ts
Lines 346 to 350 in cb4d078
What I think is happening in this bug is that the Response has changed because of rewriting, so the AstroCookies object is not attached to it anymore. So what I think you can do is call attachCookiesToResponse here and then when the cookies are consumed further up the chain they will be appended to the response there.
There was a problem hiding this comment.
Looks like they actually need to be merged, so I took a different approach
| * Merges a new AstroCookies instance into the current instance. Any new cookies | ||
| * will be added to the current instance, overwriting any existing cookies with the same name. | ||
| */ | ||
| merge(cookies: AstroCookies) { |
There was a problem hiding this comment.
I have mixed feelings about this method, I would prefer to return a new instance instead of manipulating the existing one. Essentially, try to use a pure/functional approach and avoid side-effects.
I would called this method fork instead
There was a problem hiding this comment.
Why? In this case there are already 2 AstroCookies instances created (once for each response), what does adding a 3rd accomplish? This is not immutable style code, and this function is not mutating the argument, it's mutating itself.
There was a problem hiding this comment.
I don't think this is the correct fix. I think the fix should be done here:
And here
And the code should be
this.cookies = this.cookies.fork(this.request)fork will return a new instance of AstroCookies, and the creation of these new cookies is confined inside the rewrite function, while the proposed solution seems to be more broad
There was a problem hiding this comment.
Ok, that plan makes sense then. 👍
There was a problem hiding this comment.
I don't think will help with cookies that are set on the response. It only merges the request cookies.
There was a problem hiding this comment.
I'm happy to change it to a pure function, but I don't think it can be done at the point the cookies are first assigned.
There was a problem hiding this comment.
What confuses me is the term "rewriting a response" from the initial issue. Astro.rewrite, actually, rewrites a Request, and you'll get Response, eventually. But there's no "rewritten response" involved. So I wonder how the issue is related to rewriting? I am a bit confused 😅 maybe I am missing something
There was a problem hiding this comment.
It refers to responses to a rewritten request. If page /a has Astro.rewrite('/b'), and /b sets a cookie, currently the cookie from b is not returned.
| @@ -0,0 +1,4 @@ | |||
| --- | |||
| console.log('cookie value: ', Astro.cookies.get('my_cookie')?.value); | |||
There was a problem hiding this comment.
Should we add another test where in the first page we set a lorem value, then in the rewritten page we set a ipsum value, and assert that the cookie has ipsum as value?
|
@ematipico and I had a chat and agreed this approach |
Changes
Ensures that
set-cookieheaders are set when rewriting a request.Fixes #11265
Testing
Adds a test case for a rewritten request
Docs
Just a bugfix