Closed glynnbird closed 3 years ago
@robman87 I think your solution is certainly more compact! But cookie parsing can be a more complex business - imagine someone is using to communicate with CouchDB behind a proxy or a load balancer that also sets its own cookies. It's probably best to use a "real" library to make sure that all cookies are set, replayed and expired properly if this library is going to support cookies (optionally). Many thanks for raising the problem.
oops closed wrong PR
Great explanation, I suspected that the reason you pulled in extra libraries was because of more complex use cases. My use case is very simple, only calling CouchDB directly from internal IPs or one subdomain behind a simple proxy so the simplest solution was enough. Thanks for your excellent work 🥇
Overview
In Nano 8, supplying
{jar: true}
when starting up Nano forced therequest
library to parse, store and replay cookies which made theauth
endpoint work correctly. In Nano 9, the axios library has no built-in cookie support so this PR fixes that by adding a couple of dependencies and using them when the{jar: true}
parameter is set.Thanks to @robman87 for pointing this out. His PR was simpler but I opted for a "proper" cookie parser because folks use CouchDB in a lot of different ways and they may want their library/client to correctly interpret/parse/invalidate other cookies correctly too - not just the CouchDB authentication session cookie.
Related Pull Requests
Checklist