Skip to content

Commit

Permalink
Merge pull request #12 from maccyber/correct_cookie_domain_when_redir…
Browse files Browse the repository at this point in the history 
…ected

Sets the correct cookie domain when redirected. Fixes #11
  • Loading branch information
@jd1378
jd1378 authored Nov 30, 2022
2 parents 7e0f958 + 86d2ad0 commit 1a40c41
Show file tree
Hide file tree
Showing 2 changed files with 23 additions and 1 deletion.
2 changes: 1 addition & 1 deletion fetch_wrapper.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ export function wrapFetch(options?: WrapFetchOptions): typeof fetch {
const response = await fetch(input, interceptedInit);
response.headers.forEach((value, key) => {
if (key.toLowerCase() === "set-cookie") {
cookieJar.setCookie(value, input);
cookieJar.setCookie(value, response.url);
}
});
return response;
Expand Down
22 changes: 22 additions & 0 deletions fetch_wrapper_test.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,8 @@ function serverHandler(request: Request): Response {
headers.append("Set-Cookie", "echo=one; Path=/; HttpOnly");
headers.append("Set-Cookie", "third=echo; Path=/; Secure");
return new Response("ok", { status: 200, headers });
} else if (new URL(request.url).pathname === "/redirect_to_server_two_set1") {
return Response.redirect(serverTwoUrl + "/set1");
} else {
const bodyContent = request.headers.get("cookie") || "";
return new Response(bodyContent, { status: 200 });
Expand Down Expand Up @@ -199,6 +201,26 @@ Deno.test("WrappedFetch doesn't send secure cookies over unsecure urls", async (
}
});

Deno.test("Sets the correct domain in cookies when 302-redirected", async () => {
const abortController = runServer(serverOneOptions);
const abortController2 = runServer(serverTwoOptions);
try {
const cookieJar = new CookieJar();
const wrappedFetch = wrapFetch({ cookieJar });

await wrappedFetch(serverOneUrl + "/redirect_to_server_two_set1").then((
r,
) => r.text());
assertStrictEquals(
cookieJar.getCookie({ name: "foo" })?.domain,
`${serverHostname}:${serverTwoPort}`,
);
} finally {
abortController.abort();
abortController2.abort();
}
});

Deno.test("Cookies are not send cross domain", async () => {
const abortController = runServer(serverOneOptions);
const abortController2 = runServer(serverTwoOptions);
Expand Down

0 comments on commit 1a40c41

Please sign in to comment.