Cookies for subdomains - Githubissues

snoyberg / http-client

An HTTP client engine, intended as a base layer for more user-friendly packages.

275 stars 193 forks source link

Cookies for subdomains #434

Open uzhas-sovka opened 4 years ago

uzhas-sovka commented 4 years ago

Let's, for example, set cookie for site.com:

Cookie {cookie_name = "some_name", cookie_value = "some_value", cookie_domain = "site.com"}

This cookie is sent successful when I send request to site.com. It is not sent to test.site.com.

Now let's add dot to cookie_domain

Cookie {cookie_name = "some_name", cookie_value = "some_value", cookie_domain = ".site.com"}

Now it's not sent neither to site.com nor to test.site.com.

Is this expected behavior?

snoyberg commented 4 years ago

Looking at this StackOverflow answer, it looks like RFC 6265 is currently accepted for cookie handling with subdomains. According to that SO answer:

In summary, if you set a cookie like the second example above from mydomain.com, it would be accessible by subdomain.mydomain.com, and vice versa. This can also be used to allow sub1.mydomain.com and sub2.mydomain.com to share cookies.

I'd be open to a PR that brings http-client in line with RFC 6265.

uzhas-sovka commented 4 years ago

I saw SO answer and thought I might be doing something wrong with http-client. Finally I stepped back to list all domains explicitly

Cookie {cookie_name = "some_name", cookie_value = "some_value", cookie_domain = "first.site.com"}
Cookie {cookie_name = "some_name", cookie_value = "some_value", cookie_domain = "second.site.com"}
Cookie {cookie_name = "some_name", cookie_value = "some_value", cookie_domain = "third.site.com"}