Closed lifeisfakenews closed 5 months ago
I think it's expected to be, as it's going to be part of a set-cookie header which with best practices is safe to be encoded/decoded at the server.
You can obtain the right value by just using Astro.cookies.get("example") as in your reproduction to obtain the right decoded value.
On the client side, it becomes a better practice to decode value after splitting by ;
.
I could decode the cookies on the client side but that would require updates in many parts of my codebase, and this doesn't seem to be expected, it isn't documented anywhere and from my experience, only happens to my astro project.
If i set the set-cookie header myself, astro doesnt URL encode the values then, so why should it if i set it via Astro.cookies?
I might be wrong, there might be a different reason for this but based on what i know, it seems a strange thing to encode the set-cookie value - browsers and such can figure it out, marked by ;
since document.cookie = "..."
works
According to RFC 6265, whitespaces are not allowed in cookie values. MDN also mentions that in Document: cookie property and Set-Cookie.
As to the reason why the value is URL-encoded, I found that when setting cookies, Astro uses the serialize
method from cookie. Its default behavior is to use encodeURIComponent
to encode the value.
If you need to keep the original text for some reason, you can pass your custom encode
method like this:
Astro.cookies.set('example', 'test value', {
encode(value) {
return value;
},
});
browsers (at least Firefox and Chrome) aren't following the spec ig
thx for that, i will use a defined serialise method then
Let's wait for Astro's maintainers to decide if it is an expected behavior or not. If it's considered a bug, I'm willing to create a PR 🙂
Astro doesn't run in the browser and the browser doesn't interface with the Set-Cookie header. Given that this is just the default behavior of the battle-tested cookie
library I think we'll close. Thanks for the great explanation @mingjunlu
Astro Info
If this issue only occurs in one browser, which browser is a problem?
No response
Describe the Bug
When setting cookies with
Astro.cookies.set
in SSR, the value of the cookie is being URL encoded (in my case,` ->
%20`)This doesn't happen when setting a cookie via
document.cookie
in client-side javascript, so i assume that isnt intended with this eitherWhat's the expected result?
Setting a cookie with the value
test value
should then show the valuetest value
in the browser's dev tools/cookie/storage debug area, instead oftest%20value
Link to Minimal Reproducible Example
https://stackblitz.com/edit/github-apdxuw?file=src%2Fpages%2Findex.astro
Participation