chimurai / http-proxy-middleware

:zap: The one-liner node.js http-proxy middleware for connect, express, next.js and more
MIT License
10.76k stars 847 forks source link

Response cookies not being set in browser #819

Closed anirudhkhanna-oyo closed 2 years ago

anirudhkhanna-oyo commented 2 years ago

Checks

Describe the bug (be clear and concise)

Hi,

I'm using http-proxy-middleware@2.0.6 to proxy requests to an endpoint where a website is hosted. Before this proxy happens, my application sets a few cookies (using the regular res.cookie() method). The proxied endpoint (the website application), also sets some response cookies.

For eg. Cookie set by my node app: res.cookie('node_cookie', 'node') Cookie set by the proxied website: 'web_cookie': 'web' (somewhere in the website's JS)

The issue I'm facing is that the cookies which my node app is trying to set are never reflected in the browser. Only the cookies coming in the proxied website's response are set.

Now after digging a bit, we've got these two objects, proxyRes and res:

onProxyRes: (proxyRes, req, res) => {
    console.log(res.getHeaders()['set-cookie']); // Has 'node_cookie'
    console.log(proxyRes.headers['set-cookie']); // Has 'web_cookie'
}

Only the cookies present in proxyRes are being set, and the cookies from the current res object are ignored for some reason.

Additionally, I noticed that the res cookies are getting set successfully when proxyRes has no Set-Cookie header.

Step-by-step reproduction instructions

1. Set some cookies in Node/Express response using res.cookie(...)
2. Try proxying to an endpoint which sets a cookie
3. Notice on the browser that only the proxied website's cookies are set. The ones being set via Node are ignored.

Expected behavior (be clear and concise)

Both sets of cookies should be set successfully.

How is http-proxy-middleware used in your project?

prism@1.0.0 /Users/*******/Desktop/projects/node-app
└── http-proxy-middleware@2.0.6

What http-proxy-middleware configuration are you using?

createProxyMiddleware({
  target: 'http://www.example-target.com',
  changeOrigin: true,
  debug: true,
  logger: console
})

What OS/version and node/version are you seeing the problem?

MacOS v11.6
Chrome latest v104
Node v16.16.0

Additional context (optional)

No response

chimurai commented 2 years ago

Without a minimal reproducible example there is little I can do. Think this belongs to discussion for issues with your setup.