From 07587ebb03558026694630530b890cb675c55f12 Mon Sep 17 00:00:00 2001 From: Matthew Phillips Date: Tue, 2 May 2023 15:12:46 -0400 Subject: [PATCH 1/6] Ensure multiple cookies set in dev result in multiple set-cookie headers --- .../src/vite-plugin-astro-server/response.ts | 7 +++-- .../fixtures/ssr-api-route/src/pages/login.js | 15 ++++----- packages/astro/test/ssr-api-route.test.js | 31 ++++++++++++++++--- 3 files changed, 39 insertions(+), 14 deletions(-) diff --git a/packages/astro/src/vite-plugin-astro-server/response.ts b/packages/astro/src/vite-plugin-astro-server/response.ts index 3c075405fef9..e2f38beb76b9 100644 --- a/packages/astro/src/vite-plugin-astro-server/response.ts +++ b/packages/astro/src/vite-plugin-astro-server/response.ts @@ -57,9 +57,10 @@ export async function writeWebResponse(res: http.ServerResponse, webResponse: Re // Attach any set-cookie headers added via Astro.cookies.set() const setCookieHeaders = Array.from(getSetCookiesFromResponse(webResponse)); - setCookieHeaders.forEach((cookie) => { - headers.append('set-cookie', cookie); - }); + if(setCookieHeaders.length) { + // Always use `res.setHeader` because headers.append causes them to be concatenated. + res.setHeader('set-cookie', setCookieHeaders); + } const _headers = Object.fromEntries(headers.entries()); diff --git a/packages/astro/test/fixtures/ssr-api-route/src/pages/login.js b/packages/astro/test/fixtures/ssr-api-route/src/pages/login.js index f486927a0eac..dfce0b5d69fd 100644 --- a/packages/astro/test/fixtures/ssr-api-route/src/pages/login.js +++ b/packages/astro/test/fixtures/ssr-api-route/src/pages/login.js @@ -1,11 +1,12 @@ - -export function post() { - const headers = new Headers(); - headers.append('Set-Cookie', `foo=foo; HttpOnly`); - headers.append('Set-Cookie', `bar=bar; HttpOnly`); - +/** @type {import('astro').APIRoute} */ +export function post({ cookies }) { + cookies.set('foo', 'foo', { + httpOnly: true + }); + cookies.set('bar', 'bar', { + httpOnly: true + }); return new Response('', { status: 201, - headers, }); } diff --git a/packages/astro/test/ssr-api-route.test.js b/packages/astro/test/ssr-api-route.test.js index cafbdf32c70a..739021c3c66b 100644 --- a/packages/astro/test/ssr-api-route.test.js +++ b/packages/astro/test/ssr-api-route.test.js @@ -2,6 +2,7 @@ import { expect } from 'chai'; import { File, FormData } from 'undici'; import testAdapter from './test-adapter.js'; import { loadFixture } from './test-utils.js'; +import net from 'net'; describe('API routes in SSR', () => { /** @type {import('./test-utils').Fixture} */ @@ -95,11 +96,33 @@ describe('API routes in SSR', () => { }); it('Can set multiple headers of the same type', async () => { - const response = await fixture.fetch('/login', { - method: 'POST', + const response = await new Promise(resolve => { + let { address: host, port } = devServer.address; + let socket = new net.Socket(); + socket.connect(port, host); + socket.on('connect', () => { + let rawRequest = `POST /login HTTP/1.1\r\nHost: ${host}\r\n\r\n`; + socket.write(rawRequest); + }); + + let rawResponse = ''; + socket.setEncoding('utf-8') + socket.on('data', chunk => { + rawResponse += chunk.toString(); + socket.destroy(); + }); + socket.on('close', () => { + resolve(rawResponse); + }); }); - const setCookie = response.headers.get('set-cookie'); - expect(setCookie).to.equal('foo=foo; HttpOnly, bar=bar; HttpOnly'); + + let count = 0; + let exp = /set-cookie\:/g; + while(exp.exec(response)) { + count++; + } + + expect(count).to.equal(2, 'Found two seperate set-cookie response headers') }); }); }); From d4186e0a86e390f6e2c3451f7205a84f9fe8a832 Mon Sep 17 00:00:00 2001 From: Matthew Phillips Date: Tue, 2 May 2023 15:14:40 -0400 Subject: [PATCH 2/6] Adding a changeset --- .changeset/twelve-feet-switch.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .changeset/twelve-feet-switch.md diff --git a/.changeset/twelve-feet-switch.md b/.changeset/twelve-feet-switch.md new file mode 100644 index 000000000000..b581fb4c3390 --- /dev/null +++ b/.changeset/twelve-feet-switch.md @@ -0,0 +1,5 @@ +--- +'astro': patch +--- + +Ensure multiple cookies set in dev result in multiple set-cookie headers From e0d4925a26da7721c8bf71c68f1e21c523e96e33 Mon Sep 17 00:00:00 2001 From: Matthew Phillips Date: Wed, 3 May 2023 10:10:08 -0400 Subject: [PATCH 3/6] Try connecting to localhost instead --- packages/astro/test/ssr-api-route.test.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/astro/test/ssr-api-route.test.js b/packages/astro/test/ssr-api-route.test.js index 739021c3c66b..a954a880f0f9 100644 --- a/packages/astro/test/ssr-api-route.test.js +++ b/packages/astro/test/ssr-api-route.test.js @@ -99,7 +99,7 @@ describe('API routes in SSR', () => { const response = await new Promise(resolve => { let { address: host, port } = devServer.address; let socket = new net.Socket(); - socket.connect(port, host); + socket.connect(port, 'localhost'); socket.on('connect', () => { let rawRequest = `POST /login HTTP/1.1\r\nHost: ${host}\r\n\r\n`; socket.write(rawRequest); From 91a43338e655ad9fa1714d091c12948195d41281 Mon Sep 17 00:00:00 2001 From: Matthew Phillips Date: Wed, 3 May 2023 10:20:31 -0400 Subject: [PATCH 4/6] use localhost in the Host header --- packages/astro/test/ssr-api-route.test.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/astro/test/ssr-api-route.test.js b/packages/astro/test/ssr-api-route.test.js index a954a880f0f9..bd634eb18d66 100644 --- a/packages/astro/test/ssr-api-route.test.js +++ b/packages/astro/test/ssr-api-route.test.js @@ -101,7 +101,7 @@ describe('API routes in SSR', () => { let socket = new net.Socket(); socket.connect(port, 'localhost'); socket.on('connect', () => { - let rawRequest = `POST /login HTTP/1.1\r\nHost: ${host}\r\n\r\n`; + let rawRequest = `POST /login HTTP/1.1\r\nHost: ${'localhost'}\r\n\r\n`; socket.write(rawRequest); }); From 0038dd6b176862b09b6a2055300778d0fae6b9bf Mon Sep 17 00:00:00 2001 From: Matthew Phillips Date: Wed, 3 May 2023 10:57:55 -0400 Subject: [PATCH 5/6] Use 0.0.0.0 --- packages/astro/test/ssr-api-route.test.js | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/packages/astro/test/ssr-api-route.test.js b/packages/astro/test/ssr-api-route.test.js index bd634eb18d66..d68486b14537 100644 --- a/packages/astro/test/ssr-api-route.test.js +++ b/packages/astro/test/ssr-api-route.test.js @@ -97,11 +97,12 @@ describe('API routes in SSR', () => { it('Can set multiple headers of the same type', async () => { const response = await new Promise(resolve => { - let { address: host, port } = devServer.address; + let { port } = devServer.address; + let host = '0.0.0.0'; let socket = new net.Socket(); - socket.connect(port, 'localhost'); + socket.connect(port, host); socket.on('connect', () => { - let rawRequest = `POST /login HTTP/1.1\r\nHost: ${'localhost'}\r\n\r\n`; + let rawRequest = `POST /login HTTP/1.1\r\nHost: ${host}\r\n\r\n`; socket.write(rawRequest); }); From ea8facc9ae740f58a1372235f88a19e694a07d97 Mon Sep 17 00:00:00 2001 From: Matthew Phillips Date: Wed, 3 May 2023 11:08:47 -0400 Subject: [PATCH 6/6] localhost it is --- packages/astro/test/ssr-api-route.test.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/astro/test/ssr-api-route.test.js b/packages/astro/test/ssr-api-route.test.js index d68486b14537..419282b5a389 100644 --- a/packages/astro/test/ssr-api-route.test.js +++ b/packages/astro/test/ssr-api-route.test.js @@ -98,7 +98,7 @@ describe('API routes in SSR', () => { it('Can set multiple headers of the same type', async () => { const response = await new Promise(resolve => { let { port } = devServer.address; - let host = '0.0.0.0'; + let host = 'localhost'; let socket = new net.Socket(); socket.connect(port, host); socket.on('connect', () => {