Open fabb opened 3 weeks ago
The problem is this line: https://github.com/villadora/express-http-proxy/blob/master/app/steps/copyProxyResHeadersToUserRes.js#L13
It looks like if the proxied backend returns Set-Cookie
header, it overwrites these headers if they were already set on the user response object.
The problem is that there is no workaround using userResHeaderDecorator
because copyProxyResHeadersToUserRes
runs before it and already deleted the headers.
@fabb Thanks for the detailed report and fix. I'll review this week.
We have some middlewares before the proxy middleware to handle setting cookies (like authentication and others). We set cookies like this in previous middlewares:
res.cookie('name', 'value')
.Responses that are proxies do not contain these
Set-Cookie
headers though. Other headers seem to pass fine.We do not use
userResHeaderDecorator
.express-http-proxy should not remove any
Set-Cookie
headers that have already been set on the response object.