spdy-http2 / node-spdy

SPDY server on Node.js

Cookie loss on 2.0 RC3 #214

Closed gx0r closed 9 years ago

gx0r commented 9 years ago

With a cookie header like:

cookie:koa:sess=eyJwaG9uZW51bWJlclVuYXV0aGVkIjpudWxsLCJfZXhwaXJlIjoxMTQzOTM0OTI5MTkxNSwiX21heEFnZSI6OTk5OTk5OTk5OTAwMH0=; koa:sess.sig=bALfJCqWqJY8LmXOotL2Mvmk_yU; jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwaG9uZW51bWJlciI6IjU1NTg2NzUzMDkiLCJpYXQiOjE0MzkzNDk0MjB9.bSvXG8Ig4TjmAgRIAlxFCvX7ndquI6rEDDEjOEe7G-c

From the koa app, this.cookies.get('jwt') returns nothing.

 spdy:window:server id=0 side=recv update by=-73 [1047256/1048576] +59ms
  spdy:connection:server id=0 frame +1ms { type: 'HEADERS',
  id: 15,
  priority: { parent: 0, exclusive: false, weight: 110 },
  fin: true,
  writable: true,
  headers: 
   { ':authority': 'localhost:8443',
     ':method': 'GET',
     ':path': '/api/file/dd56ba06-7a5c-41fa-a6b2-41197360d4b0',
     ':scheme': 'https',
     accept: 'image/webp,*/*;q=0.8',
     'accept-encoding': 'gzip, deflate, sdch',
     'accept-language': 'en-US,en;q=0.8',
     cookie: 'koa:sess=eyJwaG9uZW51bWJlclVuYXV0aGVkIjpudWxsLCJfZXhwaXJlIjoxMTQzOTM0OTI5MTkxNSwiX21heEFnZSI6OTk5OTk5OTk5OTAwMH0=',
     referer: 'https://localhost:8443/?/conversations',
     'user-agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.130 Safari/537.36' },
  path: '/api/file/dd56ba06-7a5c-41fa-a6b2-41197360d4b0' }
  spdy:priority add node=15 parent=0 +0ms
  spdy:connection:server id=0 add stream=15 +0ms
  spdy:server override req/res +1ms
  spdy:stream:server id=15 end +0ms

  UnauthorizedError: Invalid token

Here are the browser request headers sent:

:method:GET
:path:/api/file/dd56ba06-7a5c-41fa-a6b2-41197360d4b0
:scheme:https
accept:image/webp,*/*;q=0.8
accept-encoding:gzip, deflate, sdch
accept-language:en-US,en;q=0.8
cookie:koa:sess=eyJwaG9uZW51bWJlclVuYXV0aGVkIjpudWxsLCJfZXhwaXJlIjoxMTQzOTM0OTI5MTkxNSwiX21heEFnZSI6OTk5OTk5OTk5OTAwMH0=; koa:sess.sig=bALfJCqWqJY8LmXOotL2Mvmk_yU; jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwaG9uZW51bWJlciI6IjU1NTg2NzUzMDkiLCJpYXQiOjE0MzkzNTAxMTd9.vE5BZBmKRCJq62LZpSNbF26DPh7OJgrTVkXTZVCTwEw
referer:https://localhost:8443/?/conversations
user-agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.130 Safari/537.36

indutny commented 9 years ago

So basically it does not see a cookie that was sent by a browser?

gx0r commented 9 years ago

Yes, exactly. Browser sends 3 cookies, looks like only first one ("koa:sess") was seen on server.

indutny commented 9 years ago

Interesting! I'll figure it out ;)

indutny commented 9 years ago

According to the logs, the cookie appears to be received by the server. Do you have a test case?

gx0r commented 9 years ago

I don't get JWT cookie on the server. I don't have a test case yet, just found it toggling back and forth between SPDY and HTTPS.

gx0r commented 9 years ago

In debug log on server, cookie looks like

cookie: 'koa:sess=eyJwaG9uZW51bWJlclVuYXV0aGVkIjpudWxsLCJfZXhwaXJlIjoxMTQzOTM0OTI5MTkxNSwiX21heEFnZSI6OTk5OTk5OTk5OTAwMH0='

But I would expect it to show:

cookie:koa:sess=eyJwaG9uZW51bWJlclVuYXV0aGVkIjpudWxsLCJfZXhwaXJlIjoxMTQzOTM0OTI5MTkxNSwiX21heEFnZSI6OTk5OTk5OTk5OTAwMH0=; koa:sess.sig=bALfJCqWqJY8LmXOotL2Mvmk_yU; jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJwaG9uZW51bWJlciI6IjU1NTg2NzUzMDkiLCJpYXQiOjE0MzkzNTA0NjV9.k4QRQsEKMSqUOX3D9cJTI-dU2xmr5j8z4w-h2Y8yGL4

If that makes sense. It appears to lose jwt and koa:sess.sig cookies :+1:
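
An added example, not part of the thread and not node-spdy's code: HTTP/2 (RFC 7540, section 8.1.2.5) allows a client to split the Cookie header into several fields ("crumbs"), and a server that keeps only one of them produces the symptom reported above, where the session cookie survives and the signature and JWT cookies vanish. That this is the cause here is an assumption; the function names and sample values are hypothetical.

```javascript
// Input: a decoded header list as [name, value] pairs, the shape a
// header decoder yields before a headers object is built.
// Function names are hypothetical; sample values are constructed.

// Lossy collection: the first value wins for a repeated name, so every
// cookie crumb after the first is silently dropped.
function collectFirstWins(pairs) {
  const headers = Object.create(null);
  for (const [name, value] of pairs) {
    if (!(name in headers)) headers[name] = value;
  }
  return headers;
}

// Correct collection: cookie crumbs are joined with "; " (RFC 7540,
// 8.1.2.5); other repeated request fields are joined with ", ".
function collectJoined(pairs) {
  const headers = Object.create(null);
  for (const [name, value] of pairs) {
    if (headers[name] === undefined) {
      headers[name] = value;
    } else {
      headers[name] += (name === 'cookie' ? '; ' : ', ') + value;
    }
  }
  return headers;
}

// Minimal Cookie header parser, to show what the application sees.
function parseCookies(header) {
  const jar = Object.create(null);
  for (const part of (header || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq === -1) continue;
    const key = part.slice(0, eq).trim();
    if (key && !(key in jar)) jar[key] = part.slice(eq + 1).trim();
  }
  return jar;
}

// Constructed sample: one request whose cookies arrive as three crumbs.
const samplePairs = [
  [':method', 'GET'],
  ['cookie', 'koa:sess=AAAA='],
  ['cookie', 'koa:sess.sig=BBBB'],
  ['cookie', 'jwt=CCCC.DDDD.EEEE'],
];
console.log(Object.keys(parseCookies(collectFirstWins(samplePairs).cookie)));
console.log(Object.keys(parseCookies(collectJoined(samplePairs).cookie)));
```

A regression test for a server-side header collector can feed it a request with split cookie fields and assert that every cookie name reaches the application, since a dropped signature or token cookie surfaces only as an authentication failure.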

indutny commented 9 years ago

Arrgh. I see, one sec

indutny commented 9 years ago

Fixed, thanks! Please update to rc4

gx0r commented 9 years ago

Awesome! I might be getting one last bug now, I'm using https://github.com/koajs/session and something is still amiss with the cookies. I put a value into the session and it gets lost only on spdy. I'll put together more info later.

indutny commented 9 years ago

@llambda yeah, I need a test case :)

gx0r commented 9 years ago

Sure. It seems like the proper cookies are visible in debug output now, but when koa-session calls this.cookies.get(opts.key, opts); it gets an undefined.