Client: A header from Play Framework unsetting a cookie isn't properly parsed into Response.cookies
henricook opened this issue · comments
This raw response Set-Cookie
header is coming from my Play Framework controller when discarding a cookie Set-Cookie: __Host-SessionId=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; SameSite=None; Path=/; Secure
This doesn't make it into the res.cookies
property of my http4s client response object, it's accessible on the same response object using res.headers.get("Set-Cookie".ci)
I'm using http4s 0.23.26
Here's an illustrative (I think) failing test that I threw into HeadersSpec
for want of a better place
test("expired, empty Cookies in header(s) should be parsed into corresponding ResponseCookies") {
val resp = Response().putHeaders("Set-Cookie" -> "test1=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:00 GMT; SameSite=None; Path=/; Secure")
assertEquals(resp.cookies.length, 1)
}
By varying values in this test it looks like the Max-Age of zero is the issue
Edit: PR raised as a focus for discussion: #7435