Comments (6)
sindresorhus
commented on May 1, 2024
I have no idea how this is supposed to work tbh. What does the spec say? What does request do?
from got.
floatdrop
commented on May 1, 2024
@sindresorhus needle ignores cookies on redirect by default and request will store them in global cookie jar which is not quite good idea (how can I clear it?).
Most browsers will set cookies on 30x response, some sites are using this for authentication.
I have found only one thing about redirects and cookies in RFC 2109:
4.3.5 Sending Cookies in Unverifiable Transactions
Unverifiable transactions typically
arise when a user agent automatically requests inlined or embedded
entities or when it resolves redirection (3xx) responses from an
origin server.When it makes an unverifiable transaction, a user agent must enable a
session only if a cookie with a domain attribute D was sent or
received in its origin transaction, such that the host name in the
Request-URI of the unverifiable transaction domain-matches D.
So we should set cookies, if it is safe to set it. This will be not easy feature to implement, I guess.
from got.
floatdrop
commented on May 1, 2024
In fact we have two problems:
- Getting cookies from redirect response
- Setting new cookies to redirect request
While first is easly solved with new redirect event:
got('cookie.com')
.on('redirect', function (res) {
console.log(res.headers);
});Second is not quite straightforward. May be in this event we could pass headers as second argument:
got('cookie.com')
.on('redirect', function (res, next) {
next.headers.cookie = cookie(res);
});In this case we will be able to move stuff about cookies (which I like to avoid) to userland.
@sindresorhus @kevva what do you think?
from got.
posabsolute
commented on May 1, 2024
I know this is old, but this still an issue? Can we pass cookies when using promises?
from got.
AlbertoFdzM
commented on May 1, 2024
I recently tried this.
I'm using a 3rd party service that uses 302 redirects with "Set-Cookie" headers to establish a session.
To clarify how it works:
- any page redirects with 302 to
/loginif there is no headerCookieset /loginpage always redirects to origin page with 302 and aSet-Cookieheader
got doesn't set cookies received from Set-Cookie header but follows redirects, this causes a redirect loop between origin page and login until maxRedirect is reached.
from got.
toBeOfUse
commented on May 1, 2024
For me, cookies are currently preserved across redirects with promises as long as I create an (empty) CookieJar and pass it in the request options
from got.
Related Issues (20)
- `Response<string>` returned rather than a json response HOT 2
- Is v13 still maintained/supported? HOT 1
- Hangs on revalidated response from cache
- Infinite redirection with special characters in the redirected URL HOT 1
- Support `servername` https option
- How to get traffic usage per request? HOT 1
- Is it possible to skip/disable normalization of a request body? HOT 1
- afterResponse fired 3 times on error HOT 3
- Getting the IP address for failed requests due to timeout
- Post request to API returns response code 500 (Internal Server Error) whereas CURL returns 200 status code HOT 2
- Timeouts are longer than expected HOT 1
- NPM Says: Types are not integrated HOT 1
- FormData getLength can error out when some file input is unknown stream.
- POSTs whose bodys are instances of createReadStream hang with latest node HOT 5
- Apply `applyDestroyPatch` for v11.x
- Stream report downloadProgress when redirects HOT 1
- Is TypeScript support outdated? HOT 1
- Good News for CJS
- afterResponse hook is not called after a retryWithMergedOptions() HOT 2
- HTTP2 with proxy doesn't work? (http2-wrapper)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from got.