Comments (6)
I have no idea how this is supposed to work tbh. What does the spec say? What does request
do?
from got.
@sindresorhus needle ignores cookies on redirect by default and request will store them in global cookie jar which is not quite good idea (how can I clear it?).
Most browsers will set cookies on 30x
response, some sites are using this for authentication.
I have found only one thing about redirects and cookies in RFC 2109:
4.3.5 Sending Cookies in Unverifiable Transactions
Unverifiable transactions typically
arise when a user agent automatically requests inlined or embedded
entities or when it resolves redirection (3xx) responses from an
origin server.When it makes an unverifiable transaction, a user agent must enable a
session only if a cookie with a domain attribute D was sent or
received in its origin transaction, such that the host name in the
Request-URI of the unverifiable transaction domain-matches D.
So we should set cookies, if it is safe to set it. This will be not easy feature to implement, I guess.
from got.
In fact we have two problems:
- Getting cookies from redirect response
- Setting new cookies to redirect request
While first is easly solved with new redirect
event:
got('cookie.com')
.on('redirect', function (res) {
console.log(res.headers);
});
Second is not quite straightforward. May be in this event we could pass headers as second argument:
got('cookie.com')
.on('redirect', function (res, next) {
next.headers.cookie = cookie(res);
});
In this case we will be able to move stuff about cookies (which I like to avoid) to userland.
@sindresorhus @kevva what do you think?
from got.
I know this is old, but this still an issue? Can we pass cookies when using promises?
from got.
I recently tried this.
I'm using a 3rd party service that uses 302 redirects with "Set-Cookie" headers to establish a session.
To clarify how it works:
- any page redirects with 302 to
/login
if there is no headerCookie
set /login
page always redirects to origin page with 302 and aSet-Cookie
header
got doesn't set cookies received from Set-Cookie
header but follows redirects, this causes a redirect loop between origin page and login until maxRedirect is reached.
from got.
For me, cookies are currently preserved across redirects with promises as long as I create an (empty) CookieJar and pass it in the request options
from got.
Related Issues (20)
- `Response<string>` returned rather than a json response HOT 2
- Is v13 still maintained/supported? HOT 1
- Hangs on revalidated response from cache
- Infinite redirection with special characters in the redirected URL HOT 1
- Support `servername` https option
- How to get traffic usage per request? HOT 1
- Is it possible to skip/disable normalization of a request body? HOT 1
- afterResponse fired 3 times on error HOT 3
- Getting the IP address for failed requests due to timeout
- Post request to API returns response code 500 (Internal Server Error) whereas CURL returns 200 status code HOT 2
- Timeouts are longer than expected HOT 1
- NPM Says: Types are not integrated HOT 1
- FormData getLength can error out when some file input is unknown stream.
- POSTs whose bodys are instances of createReadStream hang with latest node HOT 5
- Apply `applyDestroyPatch` for v11.x
- Stream report downloadProgress when redirects HOT 1
- Is TypeScript support outdated? HOT 1
- Good News for CJS
- afterResponse hook is not called after a retryWithMergedOptions() HOT 2
- HTTP2 with proxy doesn't work? (http2-wrapper)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from got.