-
Notifications
You must be signed in to change notification settings - Fork 16
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FBCM-5157 Allow multiple SetCookie headers in response #197
FBCM-5157 Allow multiple SetCookie headers in response #197
Conversation
This module contains the `MultiHeaders` type which encapsulates the concept of duplicated headers (or headers with multiple values, like "Set-Cookie").
We add `multiHeaders` fields to both `HTTPure.Request.Request` and `HTTPure.Response.Response`, so that headers with multiple values can be both read from requests and written to responses. We've chosen this incremental approach instead of changing `HTTPure.Headers` to avoid a large breaking change.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks great! I just have a few questions/comments below.
Some people could have been relying on the old `show` functionality, so we bring it back under the `toString` name.
Before this commit, headers that existed in both `headers` and `multiHeaders` were written to the response only with their `multiHeaders` values. We fix this so that they're joined as if they were all added to `multiHeaders`.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for making those changes! This looks great, but I do think we should add something to docs/Examples
before merging.
When testing the old implementation of this function with an actual node.js request, the `request.headersDistinct` property did not exist, even in node.js versions greater than v16.17.0, which, according to https://nodejs.org/api/http.html#messageheadersdistinct is when the property was added. We fix this by using `request.rawHeaders` instead.
Adding an example for |
Ah, nice catch! So it looks like the new implementation will have the desired behavior when there are duplicate
I think the behavior here makes sense.
For
Seems like the
I think the behavior here is fine on both ends. |
I don't think that should be done in this PR.
We could just filter out |
Agreed. Created an issue (#198) for the idea.
That works as well. |
We must do this in order to avoid runtime type errors when trying to access `Set-Cookie` request headers. The reason is that node.js specializes the reading of `Set-Cookie` and makes that one specific header an `Array String` instead of `String`. See https://nodejs.org/api/http.html#messageheaders for more details.
@davezuch done |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is great! I think it's good to go. I just want to point out the asymmetry of how the headers will be used on the request and response sides, to make sure we think it makes sense.
When creating a response, we're not going have duplicate headers in the HTTPure.Headers
and HTTPure.MultiHeaders
, we might construct something like:
response
{ headers =
HTTPure.Headers.header "Host" "127.0.0.1:8000"
<> HTTPure.Headers.header "Accept" "*/*"
, multiHeaders =
HTTPure.MultiHeaders.header "Cookie" "foo=bar"
<> HTTPure.MultiHeaders.header "Cookie" "Authorization=\"Token XXX\""
}
Meanwhile, when reading a request, we will have duplicate headers. The same headers in a request would look something like:
request
{ headers =
HTTPure.Headers.header "Host" "127.0.0.1:8000"
<> HTTPure.Headers.header "Accept" "*/*"
<> HTTPure.Headers.header "Cookie" "foo=bar; Authorization=\"Token XXX\""
, multiHeaders =
HTTPure.MultiHeaders.header "Host" "127.0.0.1:8000"
<> HTTPure.MultiHeaders.header "Accept" "*/*"
<> HTTPure.MultiHeaders.header "Cookie" "foo=bar"
<> HTTPure.MultiHeaders.header "Cookie" "Authorization=\"Token XXX\""
}
That seem right?
Yes, that seems about right to me. The reason is that we want to avoid breaking changes (except for the |
Yeah, I agree, I just wanted to make sure we're on the same page. As you mentioned, we will need to release this as a breaking change due to the change in behavior for |
@davezuch Do you know what's the release process for this library? Looks like we should be running |
Although it looks like some steps have changed now that the registry is a thing. Maybe see https://github.com/purescript-contrib/governance/blob/main/pursuit-preregistry.md and update the releasing guide accordingly? (probably just swap the link in step 4 to point to this page instead)? |
Oh I tried searching the repo for a file like that but missed it. Thanks @cprussin! |
We add the
HTTPure.MultiHeaders
module and use it inHTTPure.Request
andHTTPure.Response
for reading and writing headers with multiple values.We chose this approach instead of adding support for duplicated headers to
HTTPure.Headers
in order to avoid a large breaking change.Resolves #157.