Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Cookie not saved in browser

See original GitHub issue

Expected behavior

I expected to use the proxy middleware so that when I query http://localhost:8080/api/myurl with ajax it will actually send the request to https://dev.mydomain.com/api/myurl, and return a header with set-cookie that will be saved in my browser and used the next time I run another ajax query to that endpoint.

Actual behavior

The proxy seems to be working and reaching the proper endpoint correctly and set-cookie returns a correct looking domain=dev.mydomain.com without secure but it is not saved in my browser and therefore not included with the following request. I’ve tried changing the target and cookieDomainRewrite options but have not successfully had a cookie saved from my response. I tried the method outlined in issue #137 and repeated below. This seems to manually read and write the cookie relative headers? However, when I do this I receive a response from the correct domain but the wrong (missing) subdomain. How can I preserve the subdomain? Or am I doing something else wrong with this setup?

Setup

http-proxy-middleware: _version_0.17.2
using vuejs-templates/webpack

proxy middleware configuration

var proxyOptions = {
    target: 'https://dev.mydomain.com/',
    changeOrigin: true,
    ws: true,
    secure: false,
    cookieDomainRewrite: "dev.mydomain.com",
    debug: true,
    onProxyReq: relayRequestHeaders,
    onProxyRes: relayResponseHeaders
}
function relayRequestHeaders(proxyReq, req) {
   Object.keys(req.headers).forEach(function (key) {
     proxyReq.setHeader(key, req.headers[key]);
   });
 }
function relayResponseHeaders(proxyRes, req, res) {
   Object.keys(proxyRes.headers).forEach(function (key) {
     res.append(key, proxyRes.headers[key]);
   });
 }
var apiProxy = proxy('/api', proxyOptions);

Issue Analytics

State:
Created 6 years ago
Comments:10 (3 by maintainers)

Top GitHub Comments

7reactions

chimuraicommented, Jun 6, 2017

Since you are trying to proxy between http <-> https; You might want to check your cookie flags. (Especially the secure flag);

The cookie will not be set if this flag is present in the response, because you’re running http on localhost.

More info: https://blog.dareboost.com/en/2016/12/secure-cookies-secure-httponly-flags/

5reactions

p2yangcommented, Jan 16, 2020

It works for me.

onProxyRes: (proxyRes, req, res) => {
  const sc = proxyRes.headers['set-cookie'];
  if (Array.isArray(sc)) {
    proxyRes.headers['set-cookie'] = sc.map(sc => {
      return sc.split(';')
        .filter(v => v.trim().toLowerCase() !== 'secure')
        .join('; ')
    });
  }
}