Cookies and authorization headers dropped when making HTTP requests that redirect [iOS] #15918
Comments
|
Hi @joshdhenry , did you found a way to solve this? Thanks |
|
@aferrerallu Unfortunately, I was unable to find a solution beyond modifying the React Native Objective-C source code. In my case, we took the route of creating our own API, where we were able to eliminate the redirects we were facing and avoid this problem. |
|
Ok. I had to change the way the backend receives the authentication token in my case. |
|
Yep, this appears to be yet another bug introduced by the proprietary cookie handling that the React Native maintainers approved in #10575. It's yet another example of why React Native should not be rolling its own networking logic. To anybody struggling with this issue, I'm afraid you're going to need to manually patch your RN iOS code, as suggested by @joshdhenry. I've explained how to do this in a semi-sustainable manner in this comment: #16127 (comment) |
|
Hey there, it looks like there has been no activity on this issue recently. Has the issue been fixed, or does it still require the community's attention? This issue may be closed if no further activity occurs. You may also label this issue as "For Discussion" or "Good first issue" and I will leave it open. Thank you for your contributions. |
stale
bot
added
the
Stale
|
Closing this issue after a prolonged period of inactivity. If this issue is still present in the latest release, please feel free to create a new issue with up-to-date information. |
Is this a bug report?
Yes
Have you read the Contributing Guidelines?
Yes
Environment
react-native -v: react-native-cli: 2.0.1; react-native: 0.46.2node -v: v8.1.3npm -v: 5.0.3Target Platform: iOS
Development Operating System: macOS 10.12.6
Build tools: Xcode
Steps to Reproduce
Expected Behavior
Expect fetch request to carry cookie and authorization headers over to subsequent HTTP requests when being redirected.
Actual Behavior
Cookies and authorization headers from responses are not carried over into subsequent HTTP requests when being redirected.
Temporary solution
The temporary solution I am using is to edit the React Native source code to intercept each redirect, append the cookie from the last response to the new request, and manually append the authorization header to the new request.
@interface RCTHTTPRequestHandler () <NSURLSessionDataDelegate>with this line:
@interface RCTHTTPRequestHandler () <NSURLSessionDataDelegate, NSURLSessionTaskDelegate>RCT_EXPORT_MODULE()insert these lines:
//Modified React Native to manually append the correct cookie to redirected HTTP requests. This carries the cookie through to completion when authenticating.- (void)URLSession:(NSURLSession *)session task:(NSURLSessionTask *)task willPerformHTTPRedirection:(NSHTTPURLResponse *)response newRequest:(NSURLRequest *)request completionHandler:(void (^)(NSURLRequest * _Nullable))completionHandler {NSDictionary *cookiesDict = [NSHTTPCookie requestHeaderFieldsWithCookies: [NSHTTPCookieStorage sharedHTTPCookieStorage].cookies];NSMutableURLRequest *newRequest = [request mutableCopy];for (NSString *key in [cookiesDict allKeys]) {[newRequest setValue: [cookiesDict valueForKey:key] forHTTPHeaderField: key];}//Manually append authorization headersNSString *authStr = [NSString stringWithFormat:@"%@:%@", @“user_name_here”, @“password_here"];NSData *authData = [authStr dataUsingEncoding:NSUTF8StringEncoding];NSString *authValue = [NSString stringWithFormat:@"Basic %@", [authData base64EncodedStringWithOptions:0]];[newRequest setValue:authValue forHTTPHeaderField:@"Authorization"];completionHandler(newRequest);}The text was updated successfully, but these errors were encountered: