-
Notifications
You must be signed in to change notification settings - Fork 533
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. Weβll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(azure): fix cookie format normalization #1753
Conversation
Codecov Report
@@ Coverage Diff @@
## main #1753 +/- ##
==========================================
+ Coverage 77.26% 77.39% +0.13%
==========================================
Files 75 76 +1
Lines 7912 7976 +64
Branches 806 823 +17
==========================================
+ Hits 6113 6173 +60
- Misses 1797 1801 +4
Partials 2 2
|
- Once redis/ioredis#1822 is fixed, remove patch to ioredis - Once Azure/azure-functions-host#162 is fixed, remove patch to nitro that wraps console log. - Once nitrojs/nitro#1753 is merged and released, remove corresponding patch to nitro - Once lucia-auth/lucia#1153 is fixed, rename models/fields in prisma - Once lucia-auth/lucia#1155 is merged and released, remove custom h3 lucia middleware - Once lucia-auth/lucia#1074 is fixed, remove lucia types shims - Enable CSRF protection in lucia (but then login doesn't work anymore...)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this nice PR and also unit tests π―
I have added few refactors to have basic httponly/secure support, one typo in sameSite
case and also more generic code style.
If something was bad, feel free to amend via a new PR.
Thanks @pi0, your changes are nice improvements! Btw, I think it would make sense to put this cookie parsing actually in h3, and use it to internally store the cookies as nice typed objects. What happens right now if you set a cookie is the following: set cookie as object > serialize cookie to string > now here in the azure handler: parse cookie again to get it back as an object. This whole serialization and parsing business can be skipped for azure and a few other frameworks. As a bonus, you get a nicer api in h3 to handle cookies. |
For now, i think we can also expose it from |
Makes sense. I don't have the time right now, but added it to unjs/h3#509 and unjs/cookie-es#17 so we keep track of it. |
Perfect! Thanks for creating issues. |
π Linked issue
β Type of change
π Description
Cookies set by the users were dropped when the app is deployed to Azure. Reason is that azure expects the cookie to be of the form
{ name: 'key', value: 'val }
but nitro was passing it in the form{ key: 'val' }
.This is fixed, along with a few other improvements. (Refs #1452)
While working on this, I found a bug in the cookie parser: unjs/cookie-es#17
π Checklist