Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Set-Cookie header is split in half by comma in Expires section #5989

Closed
pekarja5 opened this issue Dec 8, 2022 · 5 comments · Fixed by #5991
Closed

Set-Cookie header is split in half by comma in Expires section #5989

pekarja5 opened this issue Dec 8, 2022 · 5 comments · Fixed by #5991
Labels
bug Something isn't working core Refers to `@auth/core` priority Priority fix or enhancement

Comments

@pekarja5
Copy link

pekarja5 commented Dec 8, 2022
edited
Loading

Environment

System:
OS: Linux 6.0 Arch Linux
CPU: (16) x64 11th Gen Intel(R) Core(TM) i7-11800H @ 2.30GHz
Memory: 10.86 GB / 31.10 GB
Container: Yes
Shell: 5.9 - /bin/zsh
Binaries:
Node: 18.12.1 - ~/.nvm/versions/node/v18.12.1/bin/node
Yarn: 1.22.19 - ~/.nvm/versions/node/v18.12.1/bin/yarn
npm: 8.19.2 - ~/.nvm/versions/node/v18.12.1/bin/npm
Browsers:
Chromium: 108.0.5359.94
Firefox: 107.0.1
npmPackages:
next: 13.0.6 => 13.0.6
next-auth: 4.18.3 => 4.18.3
react: 18.2.0 => 18.2.0

Intŕoduced by

7e91d7d#r92403804

Describe the issue

set-cookie header is split in Expires section containing comma resulting in incomplete cookie being rejected

image

How to reproduce

call client signIn method

Expected behavior

set-cookie header is not split in half in Expires section of the cookie
@pekarja5 pekarja5 added the triage Unseen or unconfirmed by a maintainer yet. Provide extra information in the meantime. label Dec 8, 2022
@guswls1846
Copy link

next-auth version rollback 4.18.0

@balazsorban44 balazsorban44 added bug Something isn't working and removed triage Unseen or unconfirmed by a maintainer yet. Provide extra information in the meantime. labels Dec 8, 2022
@balazsorban44
Copy link
Member

balazsorban44 commented Dec 8, 2022
edited
Loading

Thanks, I identified the issue. It's related to whatwg/fetch#973 Working on a fix and will release a patch for this today.

@balazsorban44 balazsorban44 added priority Priority fix or enhancement labels Dec 8, 2022
@balazsorban44 balazsorban44 mentioned this issue Dec 8, 2022
Merged
2 tasks
@balazsorban44 balazsorban44 added the core Refers to `@auth/core` label Dec 8, 2022
@balazsorban44
Copy link
Member

I have an experimental release you can test out! pnpm add [email protected]

@balazsorban44
Copy link
Member

A fix should be out for this in 4.18.4.

@pekarja5
Copy link
Author

pekarja5 commented Dec 9, 2022

Seems to be working.
Thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working core Refers to `@auth/core` priority Priority fix or enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(core): handle Request -> Response regressions nextauthjs/next-auth
3 participants
@pekarja5 @balazsorban44 @guswls1846