-
Notifications
You must be signed in to change notification settings - Fork 27.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: fixes cookie override during redirection from server action #61633
Conversation
b577744
to
3c3dc85
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Noted
@shuding Thanks a lot for approval but I see the merge button is still disabled for me. Let me know if I am missing any steps. |
Hi team, we are implementing some auth flow that will be simplified a lot with these changes. We are currently working around it via returning cookies to a client and then shooting another request and then redirect. Can attract some attention to this, maybe @ztanner ? I saw you fixed a bunch of things in recent months, could you take your eyes on it please? If it doesn't affects your existing priorities or planned scope 🙏🏻🙏🏻 |
) ### What? Fixes vercel#61611 ### Why? Any one having custom server may be having logic to set cookies during GET requests too. Currently nextjs in app directory does not allow to do so but with custom server its very much possible. ### How? By merging cookies of redirect response and server action POSt response ### Tests I have added one more test to existing suite and it passing with fix in place. ![image](https://github.com/vercel/next.js/assets/6815560/858afdbb-c377-49eb-9002-fcbdf06583a4) ### Notes This bug is reproducible only if developer has custom server on top of next app but still very probable --------- Co-authored-by: Shu Ding <g@shud.in> Co-authored-by: JJ Kasper <jj@jjsweb.site>
What?
Fixes #61611
Why?
Any one having custom server may be having logic to set cookies during GET requests too. Currently nextjs in app directory does not allow to do so but with custom server its very much possible.
How?
By merging cookies of redirect response and server action POSt response
Tests
I have added one more test to existing suite and it passing with fix in place.
Notes
This bug is reproducible only if developer has custom server on top of next app but still very probable