Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Following redirects drops cookies. #264

Closed
ixti opened this issue Nov 16, 2015 · 5 comments
Closed

Following redirects drops cookies. #264

ixti opened this issue Nov 16, 2015 · 5 comments
Assignees
@ixti
Labels
Bug

Comments

@ixti
Copy link
Member

ixti commented Nov 16, 2015

Reported by @oz: #263 (comment)

Upon following redirects, redirector should send cookies that were sent in response.
@ixti ixti mentioned this issue Nov 16, 2015
Closed
@ixti ixti self-assigned this Nov 16, 2015
@tarcieri
Copy link
Member

Note that this needs to be done carefully with respect to cookie domain scoping rules or it's a potential security vulnerability (e.g. in conjunction with an open redirect)

@ixti
Copy link
Member Author

ixti commented Nov 16, 2015

Good catch. Bright side is that Cookie::Jar has that feature already ;)) So I'll just need to make sure to use it :D

@ixti ixti added this to the v1.0 milestone Dec 13, 2015
@ixti ixti added the Bug label Dec 13, 2015
@tarcieri tarcieri mentioned this issue Dec 13, 2015
Closed
@ixti ixti modified the milestones: v1.0, v1.1 Dec 20, 2015
@ixti ixti modified the milestones: v2.0, v1.1 Mar 20, 2016
@ixti ixti modified the milestones: v2.0, v2.x May 5, 2016
@ixti ixti removed this from the v2.2 milestone Oct 14, 2018
@kyoshidajp kyoshidajp mentioned this issue Jan 2, 2019
Open
@lllusion3469 lllusion3469 mentioned this issue May 4, 2020
Merged
Kache added a commit to Kache/http that referenced this issue Jun 15, 2020
@Kache
DRAFT - Use stateful CookieJar in Redirector
5998288 
As [mentioned](..httprb/issues/264#issuecomment-157070867) in httprb#264, CookieJar
implements cookie domain scoping rules, which is useful when issuing
redirects across domains.

Resolves: httprb#264
Kache added a commit to Kache/http that referenced this issue Jun 15, 2020
@Kache
Use stateful CookieJar in Redirector
f28e363 
As [mentioned](..httprb/issues/264#issuecomment-157070867) in httprb#264, CookieJar
implements cookie domain scoping rules, which is useful when issuing
redirects across domains.

Resolves: httprb#264
@Kache Kache mentioned this issue Jun 15, 2020
Merged
Kache added a commit to Kache/http that referenced this issue Jun 15, 2020
@Kache
Use stateful CookieJar in Redirector
02183ad 
As [mentioned](..httprb/issues/264#issuecomment-157070867) in httprb#264, CookieJar
implements cookie domain scoping rules, which is useful when issuing
redirects across domains.

Resolves: httprb#264
Kache added a commit to Kache/http that referenced this issue Jun 15, 2020
@Kache
Use stateful CookieJar in Redirector
b03076a 
As [mentioned](..httprb/issues/264#issuecomment-157070867) in httprb#264, CookieJar
implements cookie domain scoping rules, which is useful when issuing
redirects across domains.

Resolves: httprb#264
Kache added a commit to Kache/http that referenced this issue Jun 17, 2020
@Kache
Use stateful CookieJar in Redirector
525aad7 
As [mentioned](..httprb/issues/264#issuecomment-157070867) in httprb#264, CookieJar
implements cookie domain scoping rules, which is useful when issuing
redirects across domains.

Resolves: httprb#264
Kache added a commit to Kache/http that referenced this issue Jun 18, 2020
@Kache
Use stateful CookieJar in Redirector
c894167 
As [mentioned](..httprb/issues/264#issuecomment-157070867) in httprb#264, CookieJar
implements cookie domain scoping rules, which is useful when issuing
redirects across domains.

Resolves: httprb#264
Kache added a commit to Kache/http that referenced this issue Jun 20, 2020
@Kache
Use stateful CookieJar in Redirector
fef377b 
As [mentioned](..httprb/issues/264#issuecomment-157070867) in httprb#264, CookieJar
implements cookie domain scoping rules, which is useful when issuing
redirects across domains.

Resolves: httprb#264
@Kache
Copy link

Kache commented Jul 1, 2020

Hi, looking for some feedback in #613 that addresses this issue.

@ixti
Copy link
Member Author

ixti commented Jul 3, 2020

@Kache thank you, sorry for being a bit slow on this, will tackle your PR this weekend.

@tarcieri tarcieri mentioned this issue Dec 14, 2020
Closed
@tarcieri
Copy link
Member

We have #705 complaining about the opposite problem now, that cookie scoping rules aren't implemented correctly.

Regardless, #613 seems to have implemented this, so closing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ixti ixti

Labels
Bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@tarcieri @ixti @Kache