Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WASM cookies #2360

Open
wants to merge 9 commits into
base: master
Choose a base branch
from
Open

WASM cookies #2360

wants to merge 9 commits into from

Conversation

c-git
Copy link

@c-git c-git commented Jul 17, 2024

I got cookies working for WASM to the best of my knowledge. I tested it in my use case and it works. I'm not sure how to add tests for the cookie functionality I added for WASM.

I also have one part of the code that I'm unsure of because I didn't see a clear translation between the native version and the WASM version.

Please let me know what you need me to do or change anything (including if the code I mentioned that I was unsure of is ok).

Edit:

If you need this functionality before the PR lands you can add the following to the bottom of your Cargo.toml. If you need me to rebase to keep up with changes to reqwest let me know (replying here would work as well) as I may not update unless a reason comes up such as I'm doing an updates on my dependencies or a security fixed comes out.

# https://doc.rust-lang.org/cargo/reference/overriding-dependencies.html#testing-a-bugfix
[patch.crates-io]
reqwest = { git = "https://github.com/c-git/reqwest.git", branch = "wasm-cookies" }

@c-git c-git changed the title Wasm cookies WASM cookies Aug 20, 2024
@c-git
Copy link
Author

c-git commented Aug 20, 2024

I rebased the PR and made a few lint related commits. I reviewed the code again in light of #1449 and they are very similar. I put a lot more of the code in wasm/client.rs but for the most part they seem to have a lot of the same things. Before this PR lands I would appreciate some feedback on:

  • If there is a way I should add tests for this
  • If the fact that we do not capture cookies during redirect loops is a problem. This is the native code that does not have a WASM counterpart. TODO for follow up on this.
  • There is a clone of url that isn't needed but I left it to keep the API as similar as possible between WASM and Native. But the function is private so it's likely not a problem to make the change. I did a sample of the version without the clone here here.
  • There is a clone that I did here to get around a lifetime restriction that I couldn't find a way to remove without making the code less easy to read.

@c-git
Copy link
Author

c-git commented Aug 20, 2024

PS. Maybe somewhere we should add a warning that WASM cookies won't work for WebSockets because according to

https://devcenter.heroku.com/articles/websocket-security#authentication-authorization

Since you cannot customize WebSocket headers from JavaScript, you’re limited to the “implicit” auth (i.e. Basic or cookies) that’s sent from the browser. Further, it’s common to have the server that handles WebSockets be completely separate from the one handling “normal” HTTP requests. This can make shared authorization headers difficult or impossible.

The emphasis above is mine. The way cookies are implemented right now for WASM is very similar to how it is done for native which means in the browser it has to use JavaScript to set the cookies in the header which is not allowed for WebSocket requests.

Namely
- impl fmt::Debug for ClientBuilder
- impl fmt::Debug for Client
Didn't fit well with merging of headers as the headers needed to be
re-borrowed anyway to get url
Resolved dead_code warning and was useful even if not to me
clippy::redundant_pattern_matching
@c-git
Copy link
Author

c-git commented Dec 11, 2024

I think the current version PR as is still be helpful for more than just me.and the Websocket issue is kinda out of reach without trying to use the browsers cookie store. If we could merge this I'd appreciate it as I need it and don't really want to have to keep maintaining a fork.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant