Open backtozero opened 11 months ago
jcamiel
commented
11 months ago Hi @backtozero
Do you have a Hurl file to share that you would expect Hurl to succeed? I'm trying to know if you're raising a bug with the current cookie session implementation or you want a new option to disable cookie for a Hurl file.
In any case, as cookie management is done by default, we can imagine a --no-cookie option.
backtozero
commented
11 months ago @jcamiel The second one. I just wanted a new feature. A toggle that disables this behavior. Yes, something like --no-cookie but can it be in the file itself?
GET https://auth.service.com/rest/v1/OAuth/AccessToken?clientId=ATExVTgwNcI4M4Y=&password=APITest1&returnFormat=json"
Cache-Control: no-cache
HTTP 200
[Captures]
access_token: jsonpath $.respone.token
# This service brings some "set-cookie" which breaks the next request
GET http://another.service-with-cookie.com/customerId
Authorization: Bearer {{access_token}}
HTTP200
[Captures]
customerId: jsonpath $.respone.customerId
POST https://service.com/api/customerData
Authorization: Bearer {{access_token}}
[Options]
no-cookie
{
"customerId":{{customerId}}
}
fabricereix
commented
11 months ago Yes, we try to support to all cli options in the section itself (if it makes sense). Right now, you can use one request per file in order to use different sessions. They will be executed sequentially.
hurl request.hurl request2.hurl request3.hurlChanging from bug label to enhancement 😄
What is the current bug behavior?
Because hurl automatically saves cookies between calls that are in the same file and uses it for subsequent calls it breaks some 3rd party servers with complex/buggy session handling logic. For example server does the cookie processing first and only then checks for Authorization or some api-key headers
Steps to reproduce
Just try to run multiple calls subsequently in a one file with at least some of them returning some cookies
What is the expected correct behavior?
It should be possible to disable, since there are so many different auth methods these days
Execution context
Should affect all
hurl --version): hurl 4.1.0 (x86_64-apple-darwin23.0) libcurl/8.1.2 (SecureTransport) LibreSSL/3.3.6 zlib/1.2.12 nghttp2/1.55.1