croservices / cro-http

HTTP (including HTTPS and HTTP/2) support for the Cro library for building distributed systems in Raku.
https://cro.services/
Artistic License 2.0

Is cookies format specific to browsers? #155

Closed melezhik closed 3 years ago

melezhik commented 3 years ago

I have a very strange bug: my cookies work fine when tested with Safari, but I see random issues when working with other browsers, like Mozilla and Chromium.

21:23 | melezhik | for mbf - http://161.35.115.119/mbf/
21:24 | melezhik | I don't think that cookies format is specific to browsers?
21:24 | melezhik | basically I use standard cro function - https://github.com/melezhik/mybutterflies/blob/master/app.raku#L232
21:24 | melezhik | to set cookies on server side ...
21:24 | melezhik | that is it
21:28 | melezhik | duck duck go browser works fine as well ...
21:31 | melezhik | yeah, just checked things, looks like does not work properly in Firefox ((

This is how I set cookies in my cro web app - https://github.com/melezhik/mybutterflies/blob/master/app.raku#L232

jnthn commented 3 years ago

Setting both max-age and expires seems redundant, but I doubt that would cause a problem; indeed, looking in the Chrome developer tools, it seems to have ended up with a sensible expiration value. Alas, they also seem to have been set correctly in general, which gives me little insight into the problem.

There are restrictions in what exactly is allowed in the value of a cookie, and I could imagine browsers being differently liberal about that; it's been a while since I last looked into it, but I believe there's no encoding standard for cookies, and Cro doesn't attempt to, for example, automagically base64 cookie values. It might be worth checking exactly what the values are that cause problems.

melezhik commented 3 years ago

@jnthn thanks for that. After some debugging, it turned out to be a cache problem: some browsers cache responses instead of going to the server every time, and this causes these subtle bugs (so no login/logout actually happens), which I initially thought was because of cookies; now I don't think so.

I am just not sure why some browsers (like Safari and DuckDuckGo) do not cache pages, while others do (Firefox, Chrome).

I just disabled the cache in my Firefox in developer mode and the mentioned web site works just fine ... 🤔

I tried to use cache-control for certain cached endpoints but this did not help ...

melezhik commented 3 years ago

Finally, it was my nginx that did the caching; I had to disable it on the nginx side:

        location /mbf/ {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                #try_files $uri $uri/ =404;

                # kill cache
                add_header Last-Modified $date_gmt;
                add_header Cache-Control 'no-store, no-cache';
                if_modified_since off;
                expires off;
                etag off;

                proxy_pass http://127.0.0.1:2000/;
        }

melezhik commented 3 years ago

An interesting experience with nginx/cro anyway. I wonder if anything could be improved on the cro side, to make nginx think it does need to cache cro backend application? 🤔

melezhik commented 3 years ago

Oops, caching still happens, but now I guess it's because of browsers, not nginx ...

melezhik commented 3 years ago

Finally I noticed that.

If I have a GET cro route that generates a redirect:

https://github.com/melezhik/mybutterflies/blob/master/app.raku#L305-L318


  get -> 'foo' {

    redirect "/foo/bar"
  }

this will make some browsers ( firefox, chrome ) cache sometimes requests GET /foo, a workaround I found is to add some dummy query string when call /foo : GET foo?q=123 and this disables browser caching ...

https://github.com/melezhik/mybutterflies/blob/master/lib/MyButterfly/HTML.rakumod#L84

I find this weird, but it looks like this works
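
A simplified model of the browser-side behaviour described in the last comment, as an added example that is not part of the thread or of Cro: a cache keyed on the full URL reuses a storable redirect, a changed query string only creates a new cache key, and `Cache-Control: no-store` on the response prevents reuse for every URL. The 301 status, the sample origins and all names are constructed assumptions; `Expires`, `Vary`, freshness lifetimes and revalidation are not modelled.

```python
# Status codes a cache may reuse without explicit freshness (RFC 9110, section 15.1).
HEURISTICALLY_CACHEABLE = {200, 203, 204, 206, 300, 301, 308, 404, 405, 410, 414, 501}

def directives(headers):
    """Parse Cache-Control into {name: value-or-None}, case-insensitively."""
    raw = next((v for k, v in headers.items() if k.lower() == "cache-control"), "")
    out = {}
    for part in raw.split(","):
        name, _, value = part.strip().partition("=")
        if name:
            out[name.lower()] = value.strip('"') or None
    return out

def reusable(status, headers):
    """May a private (browser) cache answer a later GET without asking the origin?"""
    cc = directives(headers)
    if "no-store" in cc or "no-cache" in cc:
        return False                      # not stored, or stored but must revalidate
    if "max-age" in cc:                   # explicit freshness wins over heuristics
        value = cc["max-age"] or ""
        return value.isdigit() and int(value) > 0
    return status in HEURISTICALLY_CACHEABLE

class BrowserCache:
    """Toy cache keyed on method + full URL, query string included."""
    def __init__(self, origin):
        self.origin, self.store, self.origin_hits = origin, {}, 0

    def get(self, url):
        key = ("GET", url)
        if key in self.store:
            return self.store[key], "cache"
        self.origin_hits += 1
        status, headers = self.origin(url)
        if reusable(status, headers):
            self.store[key] = (status, headers)
        return (status, headers), "origin"

# Constructed origins: the same redirect, without and with no-store.
def plain_redirect(url):
    return 301, {"Location": "/foo/bar"}

def no_store_redirect(url):
    return 301, {"Location": "/foo/bar", "Cache-Control": "no-store"}
```

For routes whose result depends on the session cookie (login, logout, per-user redirects), sending `no-store` from the application covers both the browser and any proxy in front of it, whereas a dummy query string only sidesteps the one cached entry.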