Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: fixes cookie override during redirection from server action #61633

Merged
merged 6 commits into from
Apr 4, 2024
Merged

fix: fixes cookie override during redirection from server action #61633

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
7f42b6f
fix: fixes cookie override during redirection from server action
technikhil314 Feb 4, 2024
f6a685a
chore: uddated inline comment explanation
technikhil314 Feb 4, 2024
348c28e
fix: removed unwanted copy of cookies logic
technikhil314 Mar 12, 2024
43d5994
Merge branch 'canary' into canary
shuding Mar 16, 2024
832f441
Merge branch 'canary' into canary
technikhil314 Mar 29, 2024
da9e732
Merge branch 'canary' into canary
ijjk Apr 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 19 additions & 3 deletions packages/next/src/server/app-render/action-handler.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -220,22 +220,38 @@ async function createRedirectRenderResult(
if (
headResponse.headers.get('content-type') === RSC_CONTENT_TYPE_HEADER
) {
const response = await fetch(fetchUrl, {
const redirectResponse = await fetch(fetchUrl, {
method: 'GET',
headers: forwardedHeaders,
next: {
// @ts-ignore
internal: 1,
},
})
//copy cookies from the redirect response to respose we're sending before copying other headers
//this is needed only in case of custom server created by developer
//cause nextjs app dir does not allow to set cookies from components
const redirectResponseCookies = new ResponseCookies(
redirectResponse.headers
)
const responseCookies = new ResponseCookies(
fromNodeOutgoingHttpHeaders(res.getHeaders())
)
technikhil314 marked this conversation as resolved.
Show resolved Hide resolved
redirectResponseCookies.getAll().forEach((cookie) => {
if (typeof cookie.value === 'undefined') {
responseCookies.delete(cookie.name)
} else {
responseCookies.set(cookie)
}
})
// copy the headers from the redirect response to the response we're sending
for (const [key, value] of response.headers) {
for (const [key, value] of redirectResponse.headers) {
if (!actionsForbiddenHeaders.includes(key)) {
res.setHeader(key, value)
}
}

return new FlightRenderResult(response.body!)
return new FlightRenderResult(redirectResponse.body!)
}
} catch (err) {
// we couldn't stream the redirect response, so we'll just do a normal redirect
Expand Down
1 change: 1 addition & 0 deletions packages/next/src/server/lib/server-ipc/utils.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,7 @@ export const ipcForbiddenHeaders = [
export const actionsForbiddenHeaders = [
...ipcForbiddenHeaders,
'content-length',
'set-cookie',
technikhil314 marked this conversation as resolved.
Show resolved Hide resolved
]

export const filterReqHeaders = (
Expand Down
6 changes: 5 additions & 1 deletion test/e2e/app-dir/app-basepath-custom-server/custom-server/app/page.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,12 @@
import { redirect } from 'next/navigation'
import { cookies } from 'next/headers'

async function action() {
'use server'

cookies().set(
'custom-server-action-test-cookie',
'custom-server-action-test-cookie-val'
)
redirect('/another')
}

Expand Down
5 changes: 4 additions & 1 deletion test/e2e/app-dir/app-basepath-custom-server/custom-server/server.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,10 @@ async function main() {
try {
const parsedUrl = parse(req.url, true)
const { pathname } = parsedUrl

res.setHeader(
'set-cookie',
'custom-server-test-cookie=custom-server-test-cookie-val'
)
if (pathname.startsWith('/base')) {
await handle(req, res, parsedUrl)
} else {
Expand Down
25 changes: 23 additions & 2 deletions test/e2e/app-dir/app-basepath-custom-server/index.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import { join } from 'path'
import { createNextDescribe } from 'e2e-utils'
import { retry } from 'next-test-utils'
import { check, retry } from 'next-test-utils'
import { join } from 'path'

createNextDescribe(
'custom-app-server-action-redirect',
Expand Down Expand Up @@ -35,5 +35,26 @@ createNextDescribe(
// Count should still be 2 as the browser should not have reloaded the page.
expect(await getCount()).toBe('Count: 2')
})

it('redirects with proper cookies set from both redirect response and post respose', async () => {
const browser = await next.browser('/base')

await browser.elementById('submit-server-action-redirect').click()

expect(await browser.waitForElementByCss('#another').text()).toBe(
'Another Page'
)
expect(await browser.url()).toBe(
`http://localhost:${next.appPort}/base/another`
)
await check(
() => browser.eval('document.cookie'),
/custom-server-test-cookie/
)
await check(
() => browser.eval('document.cookie'),
/custom-server-action-test-cookie/
)
})
}
)