Giters

http4s / http4s

A minimal, idiomatic Scala interface for HTTP

Home Page:https://http4s.org/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Client: A header from Play Framework unsetting a cookie isn't properly parsed into Response.cookies

henricook opened this issue · comments

commented

This raw response Set-Cookie header is coming from my Play Framework controller when discarding a cookie Set-Cookie: __Host-SessionId=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; SameSite=None; Path=/; Secure

This doesn't make it into the res.cookies property of my http4s client response object, it's accessible on the same response object using res.headers.get("Set-Cookie".ci)

I'm using http4s 0.23.26

Here's an illustrative (I think) failing test that I threw into HeadersSpec for want of a better place

  test("expired, empty Cookies in header(s) should be parsed into corresponding ResponseCookies") {
      val resp = Response().putHeaders("Set-Cookie" -> "test1=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; SameSite=None; Path=/; Secure")
      assertEquals(resp.cookies.length, 1)
  }

By varying values in this test it looks like the Max-Age of zero is the issue

Edit: PR raised as a focus for discussion: #7435