Cookie set with cy.request (set-cookie response) on http local domain is not sent after a 302 redirect on this domain #29371
Labels
prevent-stale
mark an issue so it is ignored by stale[bot]
stage: needs investigating
Someone from Cypress needs to look at this
topic: cookies 🍪
type: bug
Comments
jennifer-shehane
added
the
stage: needs investigating
|
I am seeing what I believe is the same issue. It appears that during 302 redirects the response set-cookie is ignored. Weirdly enough the cookies are ultimately set in the browser and if I call |
|
This issue has not had any activity in 180 days. Cypress evolves quickly and the reported behavior should be tested on the latest version of Cypress to verify the behavior is still occurring. It will be closed in 14 days if no updates are provided. |
|
Not stale |
jennifer-shehane
added
the
prevent-stale
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Current behavior
Hello, I tried to find a related issue before posting but I couldn't find the exact situation.
I use cy.request to send a login request (POST http://local.domain/login) that set a cookie in the response header set-cookie.
If I visit the page http://local.domain/index.html to the same domain, the cookie is sent in the request headers and I am logged to the application.
Then, I use a third party website to log in and get an accesstoken, but when this third part site redirected me to the application with an 302 HTTP redirect (toward http://local.domain/index.html), the cookie is not used.
I see that the cookie is filtered in the debug tools, certainly due to a same-site constraint, but I don't know why this is happening only with the 302 redirect.
If you have any ideas.
This is working with https://local.domain (but we have some constraints to use http).
This is working if I log in using the prompt login/password in ny application (end to end actions), so it seems that cy.request sets a cookie for the browser that cannot be reused with a 302 redirect in HTTP local url
Thanks.
Desired behavior
Cypress should be able to reuse the cookie whith redirect 302, like Cypress does when navigating to the page with a cy.visit.
Test code to reproduce
cy.request http://local.domain/login => cookie is set OK
navigation to the page with cy.visit http://local.domain/index.html => OK, the page is loaded and cookie is sent in request header
SSO login process to a third part app , redirect 302 => error when returning to the page http://local.domain/index.html => cookie is not sent (filtered) and the return to the app is KO
This is the JSESSSIONID cookie when redirected to index.html
Cypress Version
13.8.0
Node version
18.9.0
Operating System
Windows
Debug Logs
No response
Other
No response
The text was updated successfully, but these errors were encountered: