Skip to content

Commit

Permalink
Added Cookie Header to XML and Websocket request
Browse files Browse the repository at this point in the history 
Summary:
Continuation of Pull Request #7167

#7167

Needed to clean my repository. So created this Pull Request
Closes #10575

Differential Revision: D4955291

Pulled By: shergin

fbshipit-source-id: 94b9a086b7cf70ee6cc152d0b1a36c260140450e
  • Loading branch information
@seraj-ahmad @facebook-github-bot
seraj-ahmad authored and facebook-github-bot committed May 24, 2017
1 parent bea7659 commit 047961f
Show file tree
Hide file tree
Showing 3 changed files with 30 additions and 1 deletion.
3 changes: 3 additions & 0 deletions Libraries/Network/RCTHTTPRequestHandler.mm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,9 @@ - (NSURLSessionDataTask *)sendRequest:(NSURLRequest *)request
callbackQueue.maxConcurrentOperationCount = 1;
callbackQueue.underlyingQueue = [[_bridge networking] methodQueue];
NSURLSessionConfiguration *configuration = [NSURLSessionConfiguration defaultSessionConfiguration];
[configuration setHTTPShouldSetCookies:YES];
[configuration setHTTPCookieAcceptPolicy:NSHTTPCookieAcceptPolicyAlways];
[configuration setHTTPCookieStorage:[NSHTTPCookieStorage sharedHTTPCookieStorage]];
_session = [NSURLSession sessionWithConfiguration:configuration
delegate:self
delegateQueue:callbackQueue];
Expand Down
14 changes: 13 additions & 1 deletion Libraries/Network/RCTNetworking.mm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -228,7 +228,19 @@ - (RCTURLRequestCancellationBlock)buildRequest:(NSDictionary<NSString *, id> *)q
NSURL *URL = [RCTConvert NSURL:query[@"url"]]; // this is marked as nullable in JS, but should not be null
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:URL];
request.HTTPMethod = [RCTConvert NSString:RCTNilIfNull(query[@"method"])].uppercaseString ?: @"GET";
request.allHTTPHeaderFields = [self stripNullsInRequestHeaders:[RCTConvert NSDictionary:query[@"headers"]]];

// Load and set the cookie header.
NSArray<NSHTTPCookie *> *cookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL:URL];
request.allHTTPHeaderFields = [NSHTTPCookie requestHeaderFieldsWithCookies:cookies];

This comment has been minimized.

Sign in to view

Copy link
@JonnyBurger

JonnyBurger Jun 12, 2017

Contributor

I believe that this introduced an unintentional breaking change:

This explicitly sets the 'Cookie' header field and overrides the HTTPShouldHandleCookies option on line 245:

If your app sets the Cookie header on an NSMutableURLRequest object, then this method has no effect, and the cookie data you set in the header overrides all cookies from the cookie store.

The two seem to behave differently, on the Objective-C level a cookie set by Set-Cookie was not stored into the cookie storage and therefore my subsequent request failed.
Uncommenting this line fixed the issue for me.

This comment has been minimized.

Sign in to view

Copy link
@RedBlueThing

RedBlueThing Jul 26, 2017
edited
Loading

Hey Jonny,

We discovered today that this change introduced a problem with our application. We rely on cookies set in the headers of a 302 response being set on the subsequent request following the location.

If I undo the changes in RCTNetworking.mm and RCTHttpRequestHandler.mm (we don't use web sockets so I didn't touch RCTWebSocketModule) then the cookies are set on the follow request.

With this change the follow request doesn't have the cookies set in the 302 response.

Would love to work with you to resolve this problem. Please let me know if I can provide any more info.

Cheers,
Tom

This comment has been minimized.

Sign in to view

Copy link
@JonnyBurger

JonnyBurger Jul 26, 2017

Contributor

Hi @RedBlueThing it looks like you had the same issue as me.
I created an issue, you can follow #14869 for more info and support it so we can get the fix merged!

This comment has been minimized.

Sign in to view

Copy link
@RedBlueThing

RedBlueThing Jul 27, 2017

Hey @JonnyBurger, Awesome thanks for doing that :)

// Set supplied headers.
NSDictionary *headers = [RCTConvert NSDictionary:query[@"headers"]];
[headers enumerateKeysAndObjectsUsingBlock:^(NSString *key, id value, BOOL *stop) {
if (value) {
[request addValue:[RCTConvert NSString:value] forHTTPHeaderField:key];
}
}];

request.timeoutInterval = [RCTConvert NSTimeInterval:query[@"timeout"]];
request.HTTPShouldHandleCookies = [RCTConvert BOOL:query[@"withCredentials"]];
NSDictionary<NSString *, id> *data = [RCTConvert NSDictionary:RCTNilIfNull(query[@"data"])];
Expand Down
14 changes: 14 additions & 0 deletions Libraries/WebSocket/RCTWebSocketModule.m
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,20 @@ - (void)dealloc
RCT_EXPORT_METHOD(connect:(NSURL *)URL protocols:(NSArray *)protocols headers:(NSDictionary *)headers socketID:(nonnull NSNumber *)socketID)
{
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:URL];

// We load cookies from sharedHTTPCookieStorage (shared with XHR and
// fetch). To get secure cookies for wss URLs, replace wss with https
// in the URL.
NSURLComponents *components = [NSURLComponents componentsWithURL:URL resolvingAgainstBaseURL:true];
if ([components.scheme.lowercaseString isEqualToString:@"wss"]) {
components.scheme = @"https";
}

// Load and set the cookie header.
NSArray<NSHTTPCookie *> *cookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL:components.URL];
request.allHTTPHeaderFields = [NSHTTPCookie requestHeaderFieldsWithCookies:cookies];

// Load supplied headers
[headers enumerateKeysAndObjectsUsingBlock:^(NSString *key, id value, BOOL *stop) {
[request addValue:[RCTConvert NSString:value] forHTTPHeaderField:key];
}];
Expand Down

0 comments on commit 047961f

Please sign in to comment.